Is there a way to make kdewallet not to display (to anyone) passwords when that particular wallet is open (in use by an app)?
For example, I have kwallet to store my kopete passwords. I usually have kopete running so theat wallet is open too almost all the time I have my laptop turned on. In this situation anyone (ie while I go to the toilet) can view all my passwords stored on kwallet:
Kmenu -> Setting -> Security & Privacy -> KDE wallet -> Launch Wallet Managet -> Open wallet (as the wallet is open it doesn't ask for a password!) and voilá, you can have access to see, read and copy ALL my passwords! (ie to see kopete passwords: Kopeete -> passwords -> account x -> Show contents)
If you remove kwalletmanager in access control from that wallet you can do the same, the only additional step is that you (anyone) have to Allow acces (once or allways) when prompted, but you can still get to the passwords to be displayed gracefully written... so what is the utility of encryption if the passwords are accessible via GUI?
Shouldn't this be password protected? ie on firefox even after you input the master password for the password manaager, if you go to the preferences and try to "show passwords" you are prompted for the master password to display them (I belive that is to prevent situations like the one I'm describing here with kde wallet).
PS: Using Kubuntu Gutsy 7.10, KDE 3.5.8, KDE Wallet Manager 1.1
KDE-Forum.org »
KDE »
Administration »
Wednesday, November 6th 2024, 3:22pm
Go to the top of the page
