Thank you for using Ubuntu and reporting a bug. This is expected
behavior now (see bug #959445). The files are root owned and not group
or world readable. This is consistent with other sensitive information
on the system, such as /etc/shadow. If you prefer your network
connections to be stored in your home directory, I suggest not having
these connections be system connections.
** Changed in: network-manager (Ubuntu)
Status: New => Won't Fix
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to network-manager in Ubuntu.
https://bugs.launchpad.net/bugs/984704
Title:
Sensitive user connections stored outside of the encrypted home folder
Status in “network-manager” package in Ubuntu:
Won't Fix
Bug description:
Coming from the last LTS to precise i got shocked that by default my
user only network connections with all credential are no longer stored
under "~/.gconf/system/networking/connections" but under
"/etc/NetworkManager/system-connections/".
This seems to come from the configuration changes of 0.9, but it has
quite a security impact on Ubuntu's default ecryption method with
ecryptfs secured home directories. Meaning my user only network
settings with all password for wireless, VPN and co aren't stored in a
safe manner anymore.
Therefore this should be at best changed for ecryptfs installations
via some kind of trigger in the session startup or at least should be
highlighted in the release notes for precise.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/984704/+subscriptions
--
Mailing list: https://launchpad.net/~desktop-packages
Post to : [email protected]
Unsubscribe : https://launchpad.net/~desktop-packages
More help : https://help.launchpad.net/ListHelp
