xim wrote:
> One question: does the patch only fix the issue of not being able to
> save WPA-E passwords in keyring, or does it also ensure that passwords
> are *never* saved in plain text? ... I consider saving passwords in
> plain text without warning a user is much worse than not saving the
> password at all.
It only fixes the case of WPA-EAP (password and/or certificate
pass-phrase). I agree it would be ideal if passwords were never stored
clear but from what I've seen of the code I think it would be a fairly
intrusive re-write to prevent that generally.

Also this may be the last case where they weren't stored in the keyring,
in which case the motivation to write a new infrastructure to prevent it
goes away.

Please do test it, though, if you have a network it can be tested on. I
don't think Canonical has a WPA-EAP network so this will have to rely on
the users and on the eyes that look at the code.