Your message dated Thu, 01 Jan 2015 01:27:08 +0100
with message-id <54a4945c.6090...@debian.org>
and subject line Re: [Pkg-utopia-maintainers] Bug#774051:
[network-manager-gnome] does not save config for networks to user directory
has caused the Debian Bug report #774051,
regarding [network-manager-gnome] does not save config for networks to user
directory
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
774051: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774051
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Package: network-manager-gnome
Version: 0.9.10.0-2
Severity: grave
- --- Please enter the report below this line. ---
Settings for connections are saved in /etc/NetworkManager/system-connections/
and not in user home directories.
So even user has encrypted home directory his wifi keys are unencrypted saved.
In case of stolen notebook invader has access to any of these wifi networks.
In my case there is also saved password for VPN network in [vpn-secrets] simply
in a plain format.
There is also any possibility to save different wifi networks for different
users.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iEYEARECAAYFAlSfYu4ACgkQ6aU4/+gLeBmINgCeMJfYIHQ5alMplYAZJkJ2NUb6
c3wAoK39UlcFLsEazW/Yihl+lIMiDiKJ
=EpM5
-----END PGP SIGNATURE-----
--- End Message ---
--- Begin Message ---
Am 28.12.2014 um 02:54 schrieb Marek Straka:
> Package: network-manager-gnome
> Version: 0.9.10.0-2
> Severity: grave
>
> --- Please enter the report below this line. ---
>
> Settings for connections are saved in /etc/NetworkManager/system-connections/
> and not in user home directories.
>
> So even user has encrypted home directory his wifi keys are unencrypted
> saved. In case of stolen notebook invader has access to any of these wifi
> networks.
>
> In my case there is also saved password for VPN network in [vpn-secrets]
> simply in a plain format.
>
> There is also any possibility to save different wifi networks for different
> users.
While the connection settings itself are stored in
/etc/NetworkManager/system-connections when using the keyfile plugin,
the passphrases/secret are not necessarily stored there.
These are the defaults:
- Bluetooth, CDMA and GSM connections: always user-owned
- WEP/WPA connections: system-owned if user has the permissions
(with NM’s config, that is netdev or sudo membership), user-owned
otherwise. The password is stored in the keyring for WPA, not for
WEP.
- WiMax / Wired connections: always system-owned (with 802.1x
passwords in the keyring).
This behaviour can be overriden per connection, by choosing to not make
the connection "Available to everyone".
Closing the bug report.
--
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?
signature.asc
Description: OpenPGP digital signature
--- End Message ---
