What is the point of the NM keyring?
Marcelo Magno T. Sales
mmtsales at gmail.com
Sun Jul 20 14:16:40 UTC 2008
Em Dom 20 Jul 2008, Timothy Murphy escreveu:
> Some kind soul pointed out that one could get rid
> of the demand by NM for a keyring password
> by deleting .gnome2/keyrings/default.keyring
> and then giving an empty password when requested.
>
> But that made me wonder what possible point
> the keyring password could have?
> Is it intended as some kind of security device?
> As far as I can see, you have to be logged in to run NM,
> and if you are logged in you can delete this file.
>
> I might say the same about the KDE wallet system.
> How does this make one's part of the system more secure,
> since it is open to you to change the wallet password,
> or even to make it empty?
Don't know about gnome keyring, but in KWallet you can change a wallet's
password only if you know the previous one. If you delete the default
wallet you can choose whatever password you like when it's recreated, of
course. But if you do delete one of the wallets, then you loose all
passwords stored in it, so I would say they are indeed protected.
There's no way of recovering the passwords stored in a wallet without
knowing the wallet's password.
I believe gnome keyring behaves the same way.
> I live in an old house with hundreds of locks
> on cupboard doors, etc, to which almost all the keys
> have long ago disappeared.
> It seems to me Fedora is getting a bit like that.
>
> I wish I felt there was someone whose job it was
> to make Fedora/Linux simpler to use
> rather than just adding more features
> with keys and passwords to fit.
The purpose of wallets and keyrings is to make your life easier by
having to remember just one password, the one that opens your wallet.
All the others can be securely stored in the wallet. However, if you
loose the wallet's password, then you loose all passwords stored in it.
[]'s
Marcelo
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20080720/cb863a18/attachment-0001.htm>
More information about the fedora-list
mailing list