qtkeychain icon indicating copy to clipboard operation
qtkeychain copied to clipboard

Published 20 hours ago verified publisher icon frankosterfeld

Linux uses insecure storage for password

Open jamincollins opened this issue 9 years ago • 2 comments

I originally filed this against the ownCloud client. They requested that it be filed here: https://github.com/owncloud/client/issues/3060

I recently looked into how the ownCloud client was storing user passwords and found that it was using the Gnome Keyring Daemon. The Gnome Keyring Daemon is not a secure storage location, this has been discuss off and on for a while now:

http://mdeslaur.blogspot.com/2009/11/gnome-keyring.html https://mail.gnome.org/archives/gnome-keyring-list/2010-December/msg00013.html

jamincollins avatar Apr 24 '15 15:04 jamincollins

There no alternative under Gnome, is there? The idea of qtkeychain is to use what the platform offers and what other native applications use.

frankosterfeld avatar May 08 '15 20:05 frankosterfeld

Seems there is: https://github.com/mhogomchungu/lxqt_wallet

jamincollins avatar Jun 03 '15 06:06 jamincollins