After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.
Bug 617332 - Gnome keyring passwords exposed
Gnome keyring passwords exposed
Status: RESOLVED DUPLICATE of bug 551036
Product: seahorse
Classification: Applications
Component: general
unspecified
Other Linux
: Normal critical
: 2.26.0
Assigned To: Seahorse Maintainer
Seahorse Maintainer
Depends on:
Blocks:
 
 
Reported: 2010-04-30 21:24 UTC by markos
Modified: 2011-11-26 20:48 UTC
See Also:
GNOME target: ---
GNOME version: ---


Description markos 2010-04-30 21:24:19 UTC 
Surely this issue is duplicated but I can't find it.

Gnome ver: 2.30
SO: GNU/Linux Ubuntu 10.04 x64

When you access your Gnome keyring all the passwords are totally exposed in plaintext through Seahorse manager until the next reboot, this is obviously a critical security hole because somebody can steal all the user accounts simply using the mouse while the fool are 3 meters away, it's totally nuts.
Comment 1 J. Bauer 2011-05-15 12:59:22 UTC 
I can confirm that issue for Ubuntu 11.4 Natty. All the passwords beside those needed for Gwibber (because that are only "security tokens" for the gwibbwer app on the social networks) are stored and accessible to everyone in plain text. I don't think that this is a good behaviour.
Comment 2 Andreas Moog 2011-11-26 18:42:38 UTC 
This looks like a duplicate of 551036 to me.
Comment 3 André Klapper 2011-11-26 20:48:27 UTC 
Thanks for finding it. Marking as dup.

*** This bug has been marked as a duplicate of bug 551036 ***