Passwords are too easy to steal
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| seahorse (Ubuntu) |
Invalid
|
Low
|
Unassigned | ||
Bug Description
To get a remembered password in plain text all you have to do is open seahorse, then right-click on the desired password, properties, password, show password. And there's the password on your screen.
This makes it too easy to steal a password, seahorse should ask for the current user's password before showing such sensitive information.
ProblemType: Bug
DistroRelease: Ubuntu 11.10
Package: seahorse 3.2.2-0ubuntu0.1
ProcVersionSign
Uname: Linux 3.0.0-17-generic i686
ApportVersion: 1.23-0ubuntu4
Architecture: i386
Date: Thu Mar 29 09:14:22 2012
InstallationMedia: Ubuntu 11.10 "Oneiric Ocelot" - Release i386 (20111012)
ProcEnviron:
LANGUAGE=es:en
PATH=(custom, user)
LANG=es_PE.UTF-8
LC_MESSAGES=
SHELL=/bin/bash
SourcePackage: seahorse
UpgradeStatus: No upgrade log present (probably fresh install)
| Juan Montoya (th3pr0ph3t) wrote | #1 |
| Sebastien Bacher (seb128) wrote | #2 |
| Changed in seahorse (Ubuntu): | |
| status: | New → Invalid |
| importance: | Undecided → Low |
| Barneedhar (barneedhar) wrote | #3 |
Thank you for your bug report, that was reported before but bottom line is that if you let access to your unlocked to somebody hostile you lost anyway on the security front, it's not to ask for a seahorse password which will fix that