[Bug 26306] MissionControl deliver clear text password through Account.Parameters
bugzilla-daemon at freedesktop.org
bugzilla-daemon at freedesktop.org
Fri Jan 29 15:34:57 CET 2010
http://bugs.freedesktop.org/show_bug.cgi?id=26306
Will Thompson <will.thompson at collabora.co.uk> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|REOPENED |RESOLVED
Resolution| |NOTABUG
--- Comment #3 from Will Thompson <will.thompson at collabora.co.uk> 2010-01-29 06:34:57 PST ---
(In reply to comment #2)
> The BUG is there because the TP spec for account bypass the keyring. MC obtain
> right to read password in the keyring and allow (without user being informed)
> all other processes to obtain them.
If a process can access the bus, then the process can do whatever the keyring
does to read your passwords from disk, because it is running as your user. It's
the same non-issue.
> This bug may not be fixed in short term, but an archive of it is really
> important. It's a matter of month before respectable distros like RedHat or
> Suse reject our software because of that.
Oh, right, just like "respectable distros" rejected Pidgin for storing your
passwords in plain text for the last ten years.
--
Configure bugmail: http://bugs.freedesktop.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the telepathy-bugs
mailing list