Language Selection

English French German Italian Portuguese Spanish

Gnome Lets Anyone See Your Keyring Passwords

Filed under
Software
Security

A security hole in Gnome allows anyone to see your keyring passwords without needing to enter so much as a password.

The Issue
Despite needing to enter your root password to alter such basic things as CPU Scaling, you are not once prompted to enter it to access the Passwords and Encryption Keyring.

Ubuntu Forum user humphreybc, who first reported this anomaly on the Ubuntu Forums, posted a quick –step-through guide so you can see for yourself how dodgy this lapse is: -

1. Restart your computer and login. Do not enter any passwords after your desktop has loaded.

2. Go to Applications > Accessories > Passwords and Encryption Keyrings

3. Click on the 'Login' folder to drop down and view the programs that store data here.

4. Double click on something you want to look at.

5. Click Password to show some dots, then uncheck the box below the dots marked "Show password"

Rest Here




More in Tux Machines

Manjaro 0.8.10 Gets Its Tenth Update Pack and New Linux Kernels

The Manjaro 0.8.10 OS, a Linux distribution based on well-tested snapshots of the Arch Linux repositories and 100% compatible with Arch, has received a new update pack that consists of some minor changes and a few new kernels. Read more

ISO/IEC JTC1 Approves ODF 1.2 PAS Ballot

OASIS ODF 1.2, the current version of the Open Document Format standard, was approved by ISO/IEC JTC1 National Bodies after a 3-month Publicly Available Specification (PAS) ballot. The final vote for DIS 26300 was: 17-0 for Parts 1 and 2, and 18-0 for Part 3. Read more

KDE Applications and Platform 4.14.1 Officially Released

The KDE developers have released an update for KDE 4.14, which is actually the last version in the series. It will soon be replaced by KDE Frameworks 5, KDE Plasma, and KDE Applications. The entire system is now much more modular and the projects have been decoupled. The devs won't have to follow the same version number, so there will be some misunderstandings in the future. Read more

Popcorn Time 0.3.3 Released With Support External Media Players And Chromecast, More

Popcorn Time 0.3.3 was released today and it comes with quite a few new features, including support for external players such as VLC, XBMC, MPlayer, mpv and others, Chromecast and Airplay support, 3 new themes and more. Read more