I don't know if this is part of Xfce or distro-specific, or a general Linux file, but I am a bit concerned that /home/username/.local/share/keyrings/Default.keyring has some pretty sensitive data in, in plain view, seeming at odds with the general view of Linux security. It would be of use admittedly only to a rare Linux-literate thief but it still bugs me. Have I missed something? Could/shouldn't this file be locked/encrypted so it can't just be opened, even from a live CD etc? What can be done? Encrypting a whole /home folder seems extreme and like it would be a hassle. (Would it remain encrypted to someone with a live CD?)
Currently trying Xubuntu 13..04 64 bit.
Last edited by lw1471 (2013-09-26 16:15:05)
aparenytly this is from libgnome-keyring
that is the problem Gnome, if I not instal it none is stored here
XFCE :: Arch Linux
:: AMD E-300 APU with Radeon(tm) HD Graphics @ 1300 MHz
:: Advanced Micro Devices, Inc. [AMD/ATI] Wrestler [Radeon HD 6310]
:: LED with aspect ration of 16:9 in 14.0'' (1366x768) [Radeon driver]
In Xubuntu 13.10 (beta 2), I don't have a Default.keyring file.
toz@xubuntu1310:~/.local/share/keyrings$ ls login.keyring user.keystore
Both of those files appear to be encrypted.
Yes some people in another forum also say the same thing. I wonder why the file is not encrypted on my machines. I'm going to try to uninstall libgnome-keyring but Chromium seems to gripe (where Firefox doesn't) if Default.keyring is simply deleted. Presumably Chromium can store passwords within its own configuration and / files.
Actually I've looked now and it looks like too much other stuff will be taken with the gnome-keyring items including Banshee and Chromium. I'll see what 13.10 is like otherwise I'm going to move to another Xfce distro.