NetworkManager stores wifi passwords in plain text
Bug #1060907 reported by
Ingar Smedstad
This bug affects 3 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
NetworkManager |
Incomplete
|
Medium
|
|||
network-manager (Ubuntu) |
Opinion
|
Undecided
|
Unassigned |
Bug Description
/etc/NetworkMan
security vulnerability: | yes → no |
visibility: | private → public |
security vulnerability: | no → yes |
Changed in network-manager (Ubuntu): | |
status: | Invalid → Opinion |
Changed in network-manager: | |
importance: | Unknown → Critical |
status: | Unknown → New |
Changed in network-manager: | |
importance: | Critical → Medium |
status: | New → Incomplete |
To post a comment you must log in.
This is by design. The passwords are stored in files which have appropriate permissions, and the system must be able to retrieve them to transmit to wireless networks. Obfuscating the passwords in those files in a recoverable way would not improve security.