Passwords

2009-12-12
2013-04-25
  • Jason Benoit
    Jason Benoit
    2009-12-12

    Hi,

    I want to try this software out, as it sounds great. I have one concern. In the , a user noted that the password is stored in plain text. Is this true, and are there plans to encrypt it?

      : http://ubuntuforums.org/showpost.php?p=8485240&postcount=8

     
  • Jim Duchek
    Jim Duchek
    2009-12-12

    Short answer, yes, plaintext.  Long answer:

    Yes, the password is stored in plaintext, although the file is chmod'd such that only your user can see it.  There are no plans to 'encrypt' it, although I'm adding an option where if you leave it blank, it'll ask you every time you start it up, for those worried about it being left on the disk (in the next version released, likely)  I may look into trying to use gnome-keyring from Python.   I haven't looked into it much, and here's why:

    There is no way to 'encrypt' a password you need on disk without requiring another password to unencrypt it.  You can, of course, do something like Firefox (if you don't use a master password, which most people don't) and just obfuscate the password, but that's merely security theatre - anyone with access to the file would still be able to get your password, albeit with a little bit more effort on their part.  Regardless, anyone capable of getting access to arbitrary files in your home directory is more than capable of un-obfuscating something like that.

    The following scenarios would allow an attacker to get access to this file:

    1> Anyone gains root access to your system.  From the network, extremely difficult on most 'Desktop' installs most people use - they're pretty locked down.

    2> Anyone gains physical access to your machine and knows what they're doing - steals/copies the contents of your hard drive, reboots with init=/bin/sh, etc.  If you're anal enough to be worried about this, you probably ought to be encrypting your drives anyhow.

    3> Anyone gains access to read arbitrary files with the permissions of your user (A situation where an attacker managed to, say, be able to run programs as 'mail' or another random user would not be able to access this file, which constitute most *nix exploits)… or just somehow found out the PW to your user and logged in, which means I doubt your Google password is any more secure ;)  There have been browser/java/javascript/etc exploits like this in the past, although they're pretty rare and usually patched quite quickly.

    All in all the only method of getting at this file (that doesn't seem extraordinary) is somebody sitting down at your machine while unattended and looking at it.  Obfuscation could help a little bit in this case (making such a person take a little bit more time in front of your machine), but I don't want anyone to be thinking their password is somehow 'encrypted' when it's really not, which is why I will never use obfuscation. 

     
  • Jason Benoit
    Jason Benoit
    2009-12-13

    Thank you sir, you have convinced me. Sorry to make you take your time on this Jim, but perhaps others will learn as I have.

    I don't know near as much about Linux as I should or would like, but this helped remind me about what I did know. I was being "silly", but I didn't know it or why.