You have been subscribed to a public bug by Marc Deslauriers (mdeslaur):
Binary package hint: seahorse
julien@x5din:~$ lsb_release -rd
Description: Ubuntu Natty (development branch)
Release: 11.04
As of Monday 18th April 2011 after full upgrade/update
I hope this is the right package :
gnome-keyring:
Installé : 2.92.92.is.2.32.1-0ubuntu2
Candidat : 2.92.92.is.2.32.1-0ubuntu2
Table de version :
*** 2.92.92.is.2.32.1-0ubuntu2 0
500 http://fr.archive.ubuntu.com/ubuntu/ natty/main i386 Packages
100 /var/lib/dpkg/status
seahorse:
Installé : 2.32.0-0ubuntu3
Candidat : 2.32.0-0ubuntu3
Table de version :
*** 2.32.0-0ubuntu3 0
500 http://fr.archive.ubuntu.com/ubuntu/ natty/main i386 Packages
100 /var/lib/dpkg/status
And eventually, I hope this really is a bug. If it is not a technical/coding
bug, it should at least by a functional bug.
BUG: when I launch the keyring manager in the "control center", or "settings
manager" (whatever it is called in English, I use another language), I can
double click entries such as "Desktop Couch user authentication" or "Ubuntu
One" or "IM account password for [email protected]
(gabble/jabber/someuser_40gmail_2ecom0)".
In the window popping up, I can check the box to reveal the password. My guess
is that most of them are computer-generated passphrases, and I don't really
care about those. However, the "IM account password for [email protected]
(gabble/jabber/someuser_40gmail_2ecom0)" reveals an unprotected password, mine!
I did not need to verify my identity to get to the information and could
get the password in just three clicks and a double-click. This is
personal information, and it should be kept private for security
purposes. Someone who using the computer and who is not me should not be
able to find out my password that way.
Please have a look at the screenshot I attached and do not hesitate and write
me. I will do my best to be useful.
Thanks for the work.
ProblemType: Bug
DistroRelease: Ubuntu 11.04
Package: seahorse 2.32.0-0ubuntu3
ProcVersionSignature: Ubuntu 2.6.38-8.42-generic-pae 2.6.38.2
Uname: Linux 2.6.38-8-generic-pae i686
NonfreeKernelModules: nvidia
Architecture: i386
Date: Mon Apr 18 21:30:28 2011
ExecutablePath: /usr/bin/seahorse
InstallationMedia: Ubuntu 10.10 "Maverick Meerkat" - Release i386 (20101007)
ProcEnviron:
LANGUAGE=fr_FR:en
LANG=en_US.UTF-8
LC_MESSAGES=fr_FR.UTF-8
SHELL=/bin/bash
SourcePackage: seahorse
UpgradeStatus: Upgraded to natty on 2011-04-12 (6 days ago)
** Affects: seahorse (Ubuntu)
Importance: Undecided
Status: New
** Tags: apport-bug apport-lpi ayatana-scrollbar i386 natty running-unity
--
keyring manager reveals passwords to unprivileged users
https://bugs.launchpad.net/bugs/765112
You received this bug notification because you are a member of Ubuntu Bugs,
which is a direct subscriber.
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
