Evolution still does not use gnome-keyring in hardy
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| evolution (Ubuntu) |
Invalid
|
Wishlist
|
Ubuntu Desktop Bugs | ||
Bug Description
Binary package hint: evolution
I' ve set up my e-mail account (pop3 with ssl) in evolution under hardy.
I had deleted the .gonme2_private folder before doing that.
After I gave my password to fetch the mails from the server, the folder was recreated with the Evolution file in it containing my password in base64 encoding.
I checked, if there was a new password entry in seahorse, but there was none.
This is not, what is expected, since evolution can now use the gnome-keyring to securely store passwords.
I consider this a security vulnerability, as everyone with access to the machine can read my passwords, while I'm not logged in, while the gnome-keyring would prevent this (and make password managing way easier)
Please turn on gnome-keyring support for evolution.
| Nicolò Chieffo (yelo3) wrote | #1 |
| Sebastien Bacher (seb128) wrote | #2 |
| Changed in evolution: | |
| assignee: | nobody → desktop-bugs |
| importance: | Undecided → Wishlist |
| status: | New → Invalid |
I'm really interested in this problem. Are you sure that evolution supports the gnome keyring?