Language Selection

English French German Italian Portuguese Spanish

Gnome Lets Anyone See Your Keyring Passwords

Filed under
Software
Security

A security hole in Gnome allows anyone to see your keyring passwords without needing to enter so much as a password.

The Issue
Despite needing to enter your root password to alter such basic things as CPU Scaling, you are not once prompted to enter it to access the Passwords and Encryption Keyring.

Ubuntu Forum user humphreybc, who first reported this anomaly on the Ubuntu Forums, posted a quick –step-through guide so you can see for yourself how dodgy this lapse is: -

1. Restart your computer and login. Do not enter any passwords after your desktop has loaded.

2. Go to Applications > Accessories > Passwords and Encryption Keyrings

3. Click on the 'Login' folder to drop down and view the programs that store data here.

4. Double click on something you want to look at.

5. Click Password to show some dots, then uncheck the box below the dots marked "Show password"

Rest Here




More in Tux Machines

today's howtos

Android Leftovers

University students create award-winning open source projects

In my short time working for Clarkson University, I've realized what a huge impact this small university is making on the open source world. Our 4,300 student-strong science and technology-focused institution, located just south of the Canadian border in Potsdam, New York, hosts the Clarkson Open Source Institute (COSI), dedicated to promoting open source software and providing equipment and support for student projects. While many universities offer opportunities for students to get involved in open source projects, it's rare to have an entire institute dedicated to promoting open source development. COSI is part of Clarkson's Applied Computer Science Labs within the computer science department. It, along with the Internet Teaching Lab and the Virtual Reality Lab, is run by students (supported by faculty advisers), allowing them to gain experience in managing both facilities and projects while still undergraduates. Read more

Linux 4.17-rc2

So rc2 is out, and things look fairly normal. The diff looks a bit unusual, with the tools subdirectory dominating, with 30%+ of the whole diff. Mostly perf and test scripts. But if you ignore that, the rest looks fairly usual. Arch updates (s390 and x86 dominate) and drivers (networking, gpu, HID, mmc, misc) are the bulk of it, with misc other changes all over (filesystems, core kernel, networking, docs). We've still got some known fallout from the merge window, but it shouldn't affect most normal configurations, so go out and test. Linus Read more Also: Upstream Linux support for new NXP i.MX8