[Bug 1060907] Re: NetworkManager stores wifi passwords in plain text
This requires implementation of user connection seen here - https://bugs.launchpad.net/ubuntu/+source/network- manager/+bug/1116317 . -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1060907 Title: NetworkManager stores wifi passwords in plain text To manage notifications about this bug go to: https://bugs.launchpad.net/network-manager/+bug/1060907/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1060907] Re: NetworkManager stores wifi passwords in plain text
It may look as this is an implementation problem rather than a problem with Network Manager itself. Though I still believe that even allowing passwords to be stored as text is a security flaw, it is possible to configure NM so that it does not store passwords in text files. I have tried KDE and had no problem saving the password in the Kwallet. I wonder why Unity is not configured like KDE. Is the problem with nm-connection-editor, NetworkManager or somewhere else entirely? It may help if I can log a report with the right tool :=) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1060907 Title: NetworkManager stores wifi passwords in plain text To manage notifications about this bug go to: https://bugs.launchpad.net/network-manager/+bug/1060907/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1060907] Re: NetworkManager stores wifi passwords in plain text
The problems I have identified so far: 1. If you have the rights org.freedesktop.NetworkManager.settings.modify.own you will not be able to make a connection by selecting available networks. 2. The option Available to all users seems to be implied when you select a connection from available networks. 3. When you give them org.freedesktop.NetworkManager.settings.modify.system I see no way of enforcing Ask for this password every time 4. Even when you make a connection that is not available to all users it still stores the password as text in /etc/NM... and only add the user name that is allowed to use the connection. What we need is the possibility to create a connection by selecting it from the list of available networks (eduroam) and have it so that the password for each user is stored in the users wallet or keyring. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1060907 Title: NetworkManager stores wifi passwords in plain text To manage notifications about this bug go to: https://bugs.launchpad.net/network-manager/+bug/1060907/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1060907] Re: NetworkManager stores wifi passwords in plain text
** Changed in: network-manager Status: New = Incomplete ** Changed in: network-manager Importance: Critical = Medium -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1060907 Title: NetworkManager stores wifi passwords in plain text To manage notifications about this bug go to: https://bugs.launchpad.net/network-manager/+bug/1060907/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1060907] Re: NetworkManager stores wifi passwords in plain text
I am also having issues with this. In my use case, with NetworkManager-1.0.9.6.4-3.fc17 (64-bit), I have a VPN connection for a non-root user which is set to NOT connect automatically and NOT allowed on a system basis. If I do not enter a passphrase I cannot save the VPN configuration. If I do add a passphrase it is stored under /etc/ with only root permissions rw permissions as 'protection'. As far as I remember,I was not offered the option to store to keyring when I set it up - nor would I want it to. There seems to be an implicit requirement in the design, or belief in the authors, that the password should be stored - I have no idea why this should be. There is further the belief that storing it as plain- text is as safe as it needs to be - perhaps if you're storing it in /etc or in the users keyring that's true, but there is life beyond them.. which is just as well given their limitations. It used to be possible to create configurations without passwords/passphrases, which lead to a prompt for credentials when making a connection using such a configuration - this seems eminently sensible, especially if the passphrase can be protected in memory or otherwise safe-guarded (as done elsewhere). That this ability it no longer there, it would seem to indicate that there was a conscious decision to remove it - if so, can I ask what the thinking was behind it ?... if not, why was it then removed ? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1060907 Title: NetworkManager stores wifi passwords in plain text To manage notifications about this bug go to: https://bugs.launchpad.net/network-manager/+bug/1060907/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1060907] Re: NetworkManager stores wifi passwords in plain text
** Bug watch added: GNOME Bug Tracker #685395 https://bugzilla.gnome.org/show_bug.cgi?id=685395 ** Also affects: network-manager via https://bugzilla.gnome.org/show_bug.cgi?id=685395 Importance: Unknown Status: Unknown -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1060907 Title: NetworkManager stores wifi passwords in plain text To manage notifications about this bug go to: https://bugs.launchpad.net/network-manager/+bug/1060907/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1060907] Re: NetworkManager stores wifi passwords in plain text
** Changed in: network-manager Status: Unknown = New ** Changed in: network-manager Importance: Unknown = Critical -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1060907 Title: NetworkManager stores wifi passwords in plain text To manage notifications about this bug go to: https://bugs.launchpad.net/network-manager/+bug/1060907/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1060907] Re: NetworkManager stores wifi passwords in plain text
That may work - IF you create a connection from scratch. People mostly does not do this and I am not going to require my users to learn how to do this either. The normal way of connecting with wireless is to select a connection from the list. If this is a secure connection the user is required to provide a password. There are no options Available to all users in that dialog and if you do not have rights in org.freedesktop.NetworkManager.settings.modify.system you will not be able to create that connection. And the behaviour you describe is also not what I experience. I created a wireless connection and removed Available to all user. NM still stores the password in /etc. IT just adds another option which tells who can user it: [connection] id=test uuid=8e585656-1ca1-42a2-8172-8341a1d052c5 type=802-11-wireless permissions=user:ism001:; [802-11-wireless] ssid=test mode=infrastructure mac-address=08:11:96:C2:02:B4 security=802-11-wireless-security [802-11-wireless-security] key-mgmt=wpa-eap wep-key-flags=1 psk-flags=1 leap-password-flags=1 [ipv4] method=auto [ipv6] method=auto [802-1x] eap=peap; identity=username phase2-auth=mschapv2 password=mypassword password-raw-flags=1 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1060907 Title: NetworkManager stores wifi passwords in plain text To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1060907/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1060907] Re: NetworkManager stores wifi passwords in plain text
This is by design. The passwords are stored in files which have appropriate permissions, and the system must be able to retrieve them to transmit to wireless networks. Obfuscating the passwords in those files in a recoverable way would not improve security. ** Changed in: network-manager (Ubuntu) Status: New = Invalid -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1060907 Title: NetworkManager stores wifi passwords in plain text To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1060907/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1060907] Re: NetworkManager stores wifi passwords in plain text
I also notice that VPN-connection somehow manages NOT to store the password in /etc... -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1060907 Title: NetworkManager stores wifi passwords in plain text To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1060907/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1060907] Re: NetworkManager stores wifi passwords in plain text
Those files do not have appropriate permissions. Anyone with root access can read them. While we do have a certain amount of trust in our administrators we do not want to hand them the passwords of our users. We have wireless networks that use the users credentials and not some random password. This design now allows us to log on to any laptop in our organisation and find the users credentials. This is a really terrible design. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1060907 Title: NetworkManager stores wifi passwords in plain text To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1060907/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1060907] Re: NetworkManager stores wifi passwords in plain text
If you want to store wifi passwords on a per-user basis, you should create user wifi connections, not system wifi connections. When creating the connection, uncheck the Available to all users check box. Please be aware that even if wifi passwords are stored in the user's keyring, it is still trivial for the root user to obtain them. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1060907 Title: NetworkManager stores wifi passwords in plain text To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1060907/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1060907] Re: NetworkManager stores wifi passwords in plain text
If you disagree with the Network Manager design, please file a bug upstream here: https://bugzilla.gnome.org/ Thanks. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1060907 Title: NetworkManager stores wifi passwords in plain text To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1060907/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1060907] Re: NetworkManager stores wifi passwords in plain text
As long as it is not in plain text in a file on the filesystem I do not care. We want users to be able to set up wireless connections and select available networks. As far as I have acertained this is accomplished by giving them rights to org.freedesktop.NetworkManager.settings.modify.system. If we do this passwords WILL be stored in plain text in /etc. Storing passwords in plain text will *allways* and in any circumstances be a bad design. The VPN test I set up did not store my password in plain text, and yet mysteriously managed to start again without prompting me for a password. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1060907 Title: NetworkManager stores wifi passwords in plain text To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1060907/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1060907] Re: NetworkManager stores wifi passwords in plain text
** Changed in: network-manager (Ubuntu) Status: Invalid = Opinion -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1060907 Title: NetworkManager stores wifi passwords in plain text To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1060907/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1060907] Re: NetworkManager stores wifi passwords in plain text
If you disagree with the Network Manager design, please file a bug upstream here: https://bugzilla.gnome.org/ Thanks. Well thats what happens when I spend too long thinking about an answer. The other part slips one in unseen :) I will do as you ask. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1060907 Title: NetworkManager stores wifi passwords in plain text To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1060907/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
Re: [Bug 1060907] Re: NetworkManager stores wifi passwords in plain text
If connections are created with Available to all users unchecked, the password will be saved in the user's keyring. The policy access you need for this is ...modify.own, not system; and will give sufficient access for the users to create wifi connections for their own use, while not allowing modifications to provisioned settings. Giving modify.system access is equivalent to giving administrator access for changing/reading the connections created system-wide (the default), and seeing the passwords from the UI. Le 3 oct. 2012 09:45, Ingar Smedstad 1060...@bugs.launchpad.net a écrit : As long as it is not in plain text in a file on the filesystem I do not care. We want users to be able to set up wireless connections and select available networks. As far as I have acertained this is accomplished by giving them rights to org.freedesktop.NetworkManager.settings.modify.system. If we do this passwords WILL be stored in plain text in /etc. Storing passwords in plain text will *allways* and in any circumstances be a bad design. The VPN test I set up did not store my password in plain text, and yet mysteriously managed to start again without prompting me for a password. -- You received this bug notification because you are subscribed to network-manager in Ubuntu. https://bugs.launchpad.net/bugs/1060907 Title: NetworkManager stores wifi passwords in plain text Status in “network-manager” package in Ubuntu: Invalid Bug description: /etc/NetworkManager/system-connections/some-wireless-profile contains plain text passwords. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1060907/+subscriptions -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1060907 Title: NetworkManager stores wifi passwords in plain text To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1060907/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs