Do you think this is a security risk and if not is it a bad UI decision?
Nico Kadel-Garcia
nkadel at gmail.com
Sun May 5 03:42:26 UTC 2013
On Fri, May 3, 2013 at 5:26 PM, Dan Mashal <dan.mashal at gmail.com> wrote:
> On Fri, May 3, 2013 at 2:17 PM, Chris Murphy <lists at colorremedies.com> wrote:
>>
>> On May 3, 2013, at 2:04 PM, Dan Mashal <dan.mashal at gmail.com> wrote:
>>>
>>> I believe that this is a major security risk and that this is a new UI
>>> change going forward and this is not a bug.
>>>
>>> Do you think this is a good idea?
>>
>> No. I think it's a bug, and a bug should be filed on it.
>>
>>
>> Chris Murphy
>> --
>> devel mailing list
>> devel at lists.fedoraproject.org
>> https://admin.fedoraproject.org/mailman/listinfo/devel
>
> It was.
>
>
> And closed as NOTABUG.
>
> https://bugzilla.redhat.com/show_bug.cgi?id=959541
> https://bugzilla.redhat.com/show_bug.cgi?id=958608
>
> So I just wanted to email other intelligent people and see if I was
> crazy or stupid.
Saving passwords in clear text, it makes certain operations easier,
but makes numerous illicit operations more easy. The ability to, and
value of, shoulder surfing a password is a very real issue in large
shared environments with multiple people with visual access to your
shoulder. The critical one iin my mind is remote electronic access
through shared consoles in VMware environments and in other
virtualizaiton environments. Anyone in the data center can shoulder
surf you with a console to the virtualization *server*.
More information about the devel
mailing list