Comment 46 for bug 41134

Is this bug still present in 12.04/Precise? I just discovered that in /etc/NetworkManager/system-connections there is a file which holds the password for a WPA-EAP/TTLS connection in plaintext even though that connection is not marked as "available for all users" in the wifi settings. This has huge security implications as per comment #41 and most users would expect it to be stored at least inside $HOME, possible protected by ecryptfs.