** Visibility changed to: Public ** This bug is no longer flagged as a security vulnerability
-- You received this bug notification because you are a member of Desktop Packages, which is subscribed to network-manager in Ubuntu. https://bugs.launchpad.net/bugs/984704 Title: Sensitive user connections stored outside of the encrypted home folder Status in “network-manager” package in Ubuntu: New Bug description: Coming from the last LTS to precise i got shocked that by default my user only network connections with all credential are no longer stored under "~/.gconf/system/networking/connections" but under "/etc/NetworkManager/system-connections/". This seems to come from the configuration changes of 0.9, but it has quite a security impact on Ubuntu's default ecryption method with ecryptfs secured home directories. Meaning my user only network settings with all password for wireless, VPN and co aren't stored in a safe manner anymore. Therefore this should be at best changed for ecryptfs installations via some kind of trigger in the session startup or at least should be highlighted in the release notes for precise. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/984704/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp