Re: keyring primer? KDE?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Laurent Rineau <laurent.rineau__fedora <at> normalesup.org> writes:
> Yes it is. As least it protects you from somebody that manage to steal your 
> KWallet store, without knowing your password.

But where's the added security over plain old *nix permissions?

If you're trying to protect against someone with root privileges, that someone 
can easily plant a keylogger or something to get your passwords. Otherwise, any 
attacker who can read the file also has access to your account somehow, so 
what's keeping them from using the regular gnome-keyring API from a process 
running as you to read all your passwords as soon as pam_keyring unlocks it for 
you? (Root can do that one too, by the way, as they can su to any account.)

Am I missing something?

        Kevin Kofler

-- 
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux