I also recently found out that NM stores the password for the WLAN at my university in clear text in the gconf database.
In my optinion this is a huge security issue! At my university students get ONE password for their shell acounts, email, logins to administrative websites, etc pp. And of course for access to the campus WLAN. And this one password is stored in clear-text on my computer. So I only need to leave my laptop unattended for a minute and this would be enough for an attacker (who probably knows what can be done with the password because he's a student too) to steal my password! Needless to say, a lot of bad stuff can happen after that... I really cannot believe that this bug has been open for almost TWO years now with priority medium... For me, storing the password in clear-text is vastly worse than not storing it at all! I'll try to have a look at the network-manager code to see if I can do anyhting, but don't hold your breath... If anyone can get the attention of the security people to this, that would be great! -- Does not store WPA-Enterprise password in keyring https://bugs.launchpad.net/bugs/41134 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
