ubuntu-devel Digest, Vol 58, Issue 22
Darren Albers
dalbers at gmail.com
Sun Jun 21 00:19:36 BST 2009
On Sat, Jun 20, 2009 at 1:44 PM, Mark Syms<mark at marksyms.me.uk> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
>> Subject:
>> Re: One Hundred Paper Cuts -- the first ten
>> From:
>> Dmitrijs Ledkovs <dmitrij.ledkov at gmail.com>
>> Date:
>> Sat, 20 Jun 2009 02:10:31 +0100
>> To:
>> ubuntu-devel at lists.ubuntu.com
>
> <SNIP>
>> Someone who uses auto-login generally don't want to type a password
>> ;-) Someone later referenced Mac Os X behaiviour and IMHO they have
>> following design choise:
>>
>> 1) Store everything in the encrypted keyring(s)
>>
>> 2) There are multiple keyrings but generally the usual one (including
>> network passwords) is your default keyring which is unlocked with
>> login password (or part of the login process)
>>
>> 3) Then if you do auto-login it does ask you for the network password
>> but it gives you a checkbox (actually a padlock) which you can check
>> which is equivalent to allow this application access this password
>> without unlocking the rest of the keychain. (real life equivalent
>> leave the padlock on your shed unlocked because it's nothing but
>> broken shovels)
>
> So could something like the following be done. Default to use the
> standard keyring secured by the login password. If the keyring is not
> unlocked when NetworkManager wants to access it (possibly because of
> auto-login or other), give the option to always allow this and at that
> point create a special keyring and copy the access information over to
> the other keyring. Of course this does then make it look less like a
> papercut and more a piece of architectural engineering.
>
> Mark.
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.9 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iEYEARECAAYFAko9H+4ACgkQO5n4za5gggnJVACfQXsniPf22tNOMJbquSh1dm8X
> 5OEAn0GIgCgu6bX4Su4zHM+IBXDH6FSM
> =4C7P
> -----END PGP SIGNATURE-----
>
Doesn't NetworkManager already do this? I thought that checking
"Available to all users" had the connection start automatically
without logging in?
More information about the ubuntu-devel
mailing list