Could someone else post a bug report for me please? Feel free to use my attached image as a demo. I would do it, but I'm a bit tied up with a non-booting system.
Writer for OMG! Ubuntu!, Editor-in-Chief Ubuntu Gamer. Co-founder of media and software company Ohso.
Wow, blatant security flaw indeed!
If the sudo command asks for password, accessing other partitions asks for password, update manager asks for password, if the wireless access point is turned off for a while it keeps asking for password (annoying since Windows can reconnect automatically when the access point becomes available), why cant accessing keyring and stored passwords require asking for password???
Last edited by Bachstelze; October 27th, 2009 at 08:54 AM.
"Protecting your personal data is your responsibility, not the system's."
And I want to protect it by making the system ask for a password to access it. But the system provides no such option. It asks for a password to access other partition which neither has any linux system files nor any other OS files. I don't see much difference between the two from a user's perspective.
And shouldn't accessing system wide keyring be a higher privileged operation?
It's all about having layers of security.
Even though I understand why this is the case, I'd agree with requiring a user to enter their password before showing their stored passwords.
Lets just say someone had a computer which has automatic loggin on enabled (like me because karmics boot time is so slow) and then, without any password needing to be entered, WHATSOEVER, someone who decides they want to access my computer now can see all my passwords for every single program with just a few clicks. Yes, this is our own responsibility, but SURELY there should be an option to password protect our whole keyring? I know you will probably tell me there is a way, and feel free to tell me, but its not obvious
Last edited by Bachstelze; October 27th, 2009 at 09:56 AM.
Bookmarks