NetworkManager cleartext config files vs home folder encryption
Per Guth
mailinglist at perguth.de
Wed Dec 25 16:50:41 UTC 2013
On 25.12.2013 15:15, Dimitri John Ledkov wrote:
> The
> expectations are clear that things_outside_ of home directory are not
> encrypted. One should use full disk encryption if full disk encryption
> is expected;-)
Well, that's true for sure. But the user will never be made aware that
the passwords will be stored outside. If he/she goes the standard way
(click the Wifi symbol, select the network, enter the password) the
password will be stored in cleartext.
> I don't worry about the WPA2 / typical WiFi passwords stored
> unencrypted because they are not world readable, only root can read
> them.
I always thought that the main reason someone enables home folder
encryption is that he/she wants to have his/her files secured in case
his/her notebook gets stolen or is lost.
Given that is the main case, I would argue that the current default is
problematic.
Maybe we could ask the question if it should be again as you remember
it: adding a Wifi network does not automatically make it available to
all users and thus keep the password (a bit) more secure.
All the best,
Per
More information about the Ubuntu-devel-discuss
mailing list