Using password less Pam modules for login, sudo, & etc cannot currently unlock the Gnome keyring, causing users to have to enter a password anyway. Aside from the convenience and security benefits of being able to fully use a fingerprint scanner or facial recognition, providing a mechanism to use other Pam modules may have accessibility benefits user who have difficulty typing or remembering passwords.

A user with sensitive data on their computer may be coerced into giving up their login password.
In that case, the Private folder or the home folder encryption provided by Ubuntu are no good.

Despite needing to enter your root password to alter such basic things as CPU Scaling, you are not once prompted to enter it to access the Passwords and Encryption Keyring. Anyone is able to view your stored MSN, Twitter, email and Wifi passwords in four simple clicks of the mouse from the desktop.

How to reproduce:

1. Restart your computer and login. Do not enter any passwords after your desktop has loaded.

2. Go to Applications > Accessories > Passwords and Encryption Keyrings

3. Click on the 'Login' folder to drop down and view the programs that store data here.

4. Double click on something you want to look at.

5. Click Password to show some dots, then uncheck the box below the dots marked "Show password"

6. Note that throughout this whole procedure, not once were you prompted to enter in anything that verifies you are authorized to view this information.

This is a security risk, and, because it is a conscious decision for design, not classified as a bug.

Here's the related Ubuntu Forums thread:
http://ubuntuforums.org/showthread.php?t=1302342

and, a post on omgubuntu.co.uk:

http://www.omgubuntu.co.uk/2009/10/security-issue-in-gnome-lets-anyone-see.html

[....]

Since it seems like people are using the same passwords half across the internets and maybe even their own computer. :(

I would like to see a gnome applet that:

1. You use a master password. (One good, strong password to remember!) Even if this password is compromised, and thanks to the use of "description values", if this password is "lost", it do not threaten all your passwords.
You could even have an extra description values like "sausage"/"flower"/"badger", to get even higher security.

2. Generates your password through algorithms and descriptions on what you use it for. Site url/file/tags/etc. Plus possibilty to use extra personal values for heightened security.

3. _No storage_ of any passwords on disk. (No need for backup) Only descriptions is stored in a encrypted file. (See solution #2)

4. Should be easy to generate new strong passwords.

5. Should be able to autocomplete.

6. Should be useful when using another computer (Public/job) by use of "online" script, which is run locally from browser. Which is achieved by masterpassword + descriptions (as in the url+username/other values, for the site to access) As in: http://passwordmaker.org/passwordmaker.html

How it could work:
The password to use are generated by a master password and "description values" (url/username/tags/file/date/etc.) -> one way hash algorithm ( http://en.wikipedia.org/wiki/Cryptographic_hash_function )= message digest( http://www.rsa.com/rsalabs/node.asp?id=2176 )=password to use. READ ON PLEASE! :D

[....]

Files in a VFAT file system should by default be mounted read-write only. At present files in a VFAT file systems are mounted with [r]ead-[w]rite-e[x]ecute permissions for the current user. In technical language the permissions on the file are set to 755 (rwx for the current user and rx for other users).

This simply doesn't make sense. Nobody in his right mind would distribute, if ever needed, Linux executables inside a VFAT file system (ext* will probably be used). On the other hand Wine, the main program used to execute Windows binaries in Linux, doesn't require such permissions.

Since the dominant use of VFAT is for flash drives, I suggest that the files that will be read off such a drive should be mounted by default without execute permissions. It is the safer thing to do when a file system doesn't allow the explicit designation of Unix-style file permissions.

the administration menu/control center needs an option called disks, drives, harddrives or storage. this should give you access to boot menu, partitions, filesystems, swap, mount options, encryption and options for secure deleting / cleanup.

It is quite easy to trick the user into running a bad script in sudo by changing the gnome menu from "gksu /usr/sbin/synaptic" to "gksu /home/user/.roughescript.sh".

In a desktop environment using sudo you should need to enter your password in order to change the menu.

Sorry if i misspelt something; English is not my native language.

Currently, if an app can use gnome-keyring to store a password, there is no way the app can ask gnome-keyring if the key is currently on the keyring, without unlocking it (and exposing all the passwords).

The upshot of this is: Any app which can use gnome-keyring is constantly pestering the user to unlock the keyring, even if the key isn't stored there. If the user gives in to this badgering and unlocks his or her keyring ("See, stupid app, there's no password for you in my keyring!!"), then all the passwords that ARE in the keyring become insecure. And the app still needs to prompt for the password anyway!