gnome keyring always needs to be unlocked
Jon Nettleton
jon.nettleton at gmail.com
Thu Oct 18 11:36:15 UTC 2007
On 10/18/07, Kevin Kofler <kevin.kofler at chello.at> wrote:
> IMHO gnome-keyring should simply allow passwordless keyrings like KWallet does,
> that would solve this problem in a much simpler way for most use cases, and
> standard *nix permissions will keep the data just as secure as with pam_keyring
> automatically unlocking the keyring for the user owning it anyway.
>
That is absolutely 100% not true. If someone steals your laptop and
you have a passwordless keyring like in KWallet, your passwords are
pretty much stolen. Boot off a bootable cd mount the filesystem,
done.
With pam_gnome_keyring those passwords are still encrypted on disk and
without the key, the thief gets nothing.
Jon
More information about the devel
mailing list