NetworkManager cleartext config files vs home folder encryption

Dimitri John Ledkov xnox at ubuntu.com
Wed Dec 25 14:15:37 UTC 2013


On 25 December 2013 10:31, Per Guth <mail at perguth.de> wrote:
> On 25.12.2013 10:36, Dimitri John Ledkov wrote:
>>
>> It's stored there because "All users may connect to this network"
>> ticked on that Wifi connection point. Open network indicator -> Edit
>> connections ... -> Select network -> Click edit... -> in general tab
>> untick "All users may connect to this network".
>
> I read about that. Unchecking that option moves the password into the user's
> keychain, which is neat.
>
> But it still leaves the question open: Does the regular Ubuntu user really
> expect that there will be clear text passwords for his Wifi networks outside
> his encrypted home folder (without taking additional steps)?
>

I don't remember, but I thought it was not the default. The
expectations are clear that things _outside_ of home directory are not
encrypted. One should use full disk encryption if full disk encryption
is expected ;-)

I don't worry about the WPA2 / typical WiFi passwords stored
unencrypted because they are not world readable, only root can read
them.

Routers are still shipped by ISPs and manufacturers with WPS enabled
by default, which is trivial to bypass in ~40 minutes using a laptop /
smartphone. A few WPA setups are similarly easy to crack with traffic
analysis (aircrack etc). So the guide as it stands is a bit useless to
protect the wifi password, if it can be cracked remotely anyway and one
didn't advise the user to turn those features off and use maximum
length WiFi passwords.

Creating setuid binaries as recommended in that guide is more harmful,
imho, as it opens up unprivileged root escalation.

And the guide doesn't protect the wifi passwords at all, as just like
before they are root readable or if one has physical access to the
machine. The only difference is, they are encrypted only whilst the
user is not logged in and machine is booted normally.

So my evaluation of the guide is that it does more harm than good, and
doesn't, at all, offer additional protection it claims to provide.

-- 
Regards,

Dimitri.
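
An added example, not part of the original message: a small Python audit of NetworkManager keyfiles that reports the distinction discussed in this thread, namely whether a connection is available to all users with its PSK stored in the root-only system file, or restricted to a user with the secret held by that user's keyring agent. The two sample keyfiles, their names and the passphrase are constructed; `permissions`, `psk` and `psk-flags` are NetworkManager keyfile keys.

```python
import configparser, os, stat, sys, tempfile

SEC_SECTIONS = ("wifi-security", "802-11-wireless-security")  # current and 2013-era names
# Constructed samples: an "all users" connection and one restricted to user alice.
SAMPLE_SYSTEM = """[connection]
id=HomeNet
permissions=
[802-11-wireless-security]
key-mgmt=wpa-psk
psk=constructed-example-passphrase
"""
SAMPLE_USER = """[connection]
id=HomeNet-user
permissions=user:alice:;
[wifi-security]
key-mgmt=wpa-psk
psk-flags=1
"""

def audit_keyfile(path):
    """Report where one NetworkManager keyfile keeps its Wi-Fi PSK."""
    cp = configparser.ConfigParser(interpolation=None, strict=False, delimiters=("=",))
    cp.read(path)
    sec = next((cp[s] for s in SEC_SECTIONS if cp.has_section(s)), {})
    conn = cp["connection"] if cp.has_section("connection") else {}
    flags = int(sec.get("psk-flags", "0"))
    mode = stat.S_IMODE(os.stat(path).st_mode)
    return {
        "id": conn.get("id", os.path.basename(path)),
        "all_users": conn.get("permissions", "").strip() == "",  # empty = any user
        "psk_in_file": "psk" in sec and flags == 0,  # cleartext secret in this file
        "agent_owned": bool(flags & 1),  # secret held by the user's agent/keyring
        "mode_ok": (mode & 0o077) == 0,  # no group/other access to the file
    }

def audit_samples():
    """Write the constructed samples to a temp dir (mode 0600) and audit them."""
    out = []
    with tempfile.TemporaryDirectory() as d:
        for i, text in enumerate((SAMPLE_SYSTEM, SAMPLE_USER)):
            path = os.path.join(d, f"sample{i}")
            with open(path, "w") as f:
                f.write(text)
            os.chmod(path, 0o600)
            out.append(audit_keyfile(path))
    return out

if __name__ == "__main__":  # args: keyfile paths to audit; none: the samples
    for r in [audit_keyfile(p) for p in sys.argv[1:]] or audit_samples():
        print(r)
```

On a real system the keyfiles live under /etc/NetworkManager/system-connections and are readable only by root, so the script has to run as root with those paths as arguments.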



