wicd

plain-text password

Asked by Marcus Dowling on 2012-05-18

Hi,

First of all I want to thank you for your great work on the wicd network manager!

I have a concern that I wan't to share with you.
In the WICD config file passwords are stored in plain tekst. This is an issue.
As the IT world is on the eve of getting more and more users that make use of the Bring Your Own concept.
The storing of passwords plaintext is becoming an issue.
Please consider using an encryption algorithem like RIJNDAEL in the interface. This will prevent the leaking of passwords.

Thank you and keep up the good work.

Question information

Language:: English Edit question

Status:: Answered

For:: wicd Edit question

Assignee:: No assignee Edit question

Last query:: 2012-05-18

Last reply:: 2012-05-19

Link existing bug

Revision history for this message

Adam Blackburn (adamblackburn) said on 2012-05-19:

We wanted it to be able to connect during boot which it would be unable to do if the passwords were encrypted. If the passwords are encrypted with a key known to wicd, then it would provide a false sense of security since it would be possible to extract the key from the program's source code. At any rate, they're not visible to any users other than root via the filesystem.

Can you help with this problem?

Provide an answer of your own, or ask Marcus Dowling for more information if necessary.

To post a message you must log in.

Ask a question

Edit question

wicd

plain-text password

Question information

Related bugs

Related FAQ:

Can you help with this problem?

Subscribers