Make it easy to keep credentials encrypted
Bug #293623 reported by
Leonard Richardson
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
launchpadlib |
Invalid
|
High
|
Unassigned |
Bug Description
Currently credential files are stored wherever you like. But credential files let someone else access Launchpad as you and carry out actions in your name. It's more like a GPG private key than like your Linux account's password.
We should make it easy to store a credential file in a known secure location (if one exists), say ~/Private/
Changed in launchpadlib: | |
importance: | Undecided → High |
status: | New → Triaged |
To post a comment you must log in.
I think this bug is misconceived, and Launchpad should not do anything special in this direction. The standard way to store encrypted credentials is in the system's keyring database. Security-conscious users will likely opt in to having their entire home directory encrypted.