Timothy Murphy wrote:
Patrick O'Callaghan wrote:But that made me wonder what possible point the keyring password could have? Is it intended as some kind of security device? As far as I can see, you have to be logged in to run NM, and if you are logged in you can delete this file. I might say the same about the KDE wallet system. How does this make one's part of the system more secure, since it is open to you to change the wallet password, or even to make it empty?The point is to allow you to store large numbers of passwords or encryption keys to be applied automatically when required (modulo the collaboration of the password-requiring agent of course), so you don't have to answer a challenge every time you use something that requires a password or key.I'm almost convinced. But what is the point of having large numbers of passwords, if one password will open all the locks?
Gee Timothy. Do you lock all of the doors on your house with the same key? And your auto? How about the office door(s)? All with the same key?
You 'lock' everything with the same key and then the key is stolen and/or cracked. Does that mean that you are really, really open then? ;-)
-- David
Attachment:
signature.asc
Description: OpenPGP digital signature
-- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
