Bug 220913 - WPA Enterprise Password in Cleartext
WPA Enterprise Password in Cleartext
Product: Fedora
Classification: Fedora
Component: NetworkManager (Show other bugs)
All Linux
medium Severity high
: ---
: ---
Assigned To: Dan Williams
Depends On:
  Show dependency treegraph
Reported: 2006-12-28 15:39 EST by Russell Harrison
Modified: 2008-04-03 12:08 EDT (History)
1 user (show)

See Also:
Fixed In Version: 0.6.6
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2008-04-03 12:08:52 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

External Trackers
Tracker ID Priority Status Summary Last Updated
GNOME Bugzilla 359541 None None None Never

  None (edit)
Description Russell Harrison 2006-12-28 15:39:26 EST
Description of problem:
The user name and password for WPA Enterprise connections are stored in plain
text in gconf.

Version-Release number of selected component (if applicable):

How reproducible: Always

Steps to Reproduce:
1. Connect to a WPA Enterprise network using PEAP

Actual results:
Notice that the user name and password are stored in gconf at:

Expected results:
Private data should be stored in the gnome-keyring or some other encrypted store

Additional info:
It should also be possible to instead of caching the authentication information
to prompt the user for their user name / password every time the connection is
established in a similar way to wpa_supplicant-gui.  This would allow networks
to be configured in advance by IT organizations without needing to know a user's
auth credentials.
Comment 1 Brian Long 2007-03-05 14:21:48 EST
Any updates on this?  I notice someone posted this issue to networkmanager-list
on 3/3.
Could you put some pressure on upstream to get rid of the plaintext password in
Comment 2 Dan Williams 2008-01-07 17:17:02 EST
Fixed in upstream applet stable branch r432 for 0.6.x; and not a problem in 0.7
from the start.  Should issue an update to NM for F7 in the near future.
Comment 3 Dan Williams 2008-04-03 12:08:52 EDT
F7 update has been issued.

Note You need to log in before you can comment on or make changes to this bug.