© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
0e1f616
(Get the code!)
xim wrote:
> One question: does the patch only fix the issue of not being able to
> save WPA-E passwords in keyring, or does it also ensure that passwords
> are *never* saved in plain text? ... I consider saving passwords in
> plain text without warning a user is much worse than not saving the
> password at all.
It only fixes the case of WPA-EAP (password and/or certificate
pass-phrase). I agree it would be ideal if passwords were never stored
clear but from what I've seen of the code I think it would be a fairly
intrusive re-write to prevent that generally.
Also this may be the last case where they weren't stored in the keyring,
in which case the motivation to write a new infrastructure to prevent it
goes away.
Please do test it, though, if you have a network it can be tested on. I
don't think Canonical has a WPA-EAP network so this will have to rely on
the users and on the eyes that look at the code.