Language Selection

English French German Italian Portuguese Spanish

Gnome Lets Anyone See Your Keyring Passwords

Filed under

A security hole in Gnome allows anyone to see your keyring passwords without needing to enter so much as a password.

The Issue
Despite needing to enter your root password to alter such basic things as CPU Scaling, you are not once prompted to enter it to access the Passwords and Encryption Keyring.

Ubuntu Forum user humphreybc, who first reported this anomaly on the Ubuntu Forums, posted a quick –step-through guide so you can see for yourself how dodgy this lapse is: -

1. Restart your computer and login. Do not enter any passwords after your desktop has loaded.

2. Go to Applications > Accessories > Passwords and Encryption Keyrings

3. Click on the 'Login' folder to drop down and view the programs that store data here.

4. Double click on something you want to look at.

5. Click Password to show some dots, then uncheck the box below the dots marked "Show password"

Rest Here

More in Tux Machines

Security Leftovers

Android Leftovers

Using open source principles to build better engineering teams

We become better software developers by observing how some of the best software in the world is being written. Open source has changed and will continue to change the way the world builds software, not only by creating high-quality reusable components, but by giving us a model for how to produce better software. Open source gives us complete transparency into that process. Read more

LinuxCon Europe and Embedded Linux Conference Europe