I don't know if this is part of Xfce or distro-specific, or a general Linux file, but I am a bit concerned that /home/username/.local/share/keyrings/Default.keyring has some pretty sensitive data in, in plain view, seeming at odds with the general view of Linux security. It would be of use admittedly only to a rare Linux-literate thief but it still bugs me. Have I missed something? Could/shouldn't this file be locked/encrypted so it can't just be opened, even from a live CD etc? What can be done? Encrypting a whole /home folder seems extreme and like it would be a hassle. (Would it remain encrypted to someone with a live CD?)
Currently trying Xubuntu 13..04 64 bit.
Last edited by lw1471 (2013-09-26 16:15:05)
aparenytly this is from libgnome-keyring
that is the problem Gnome, if I not instal it none is stored here
XFCE :: Arch Linux
:: Intel(R) Atom(R) N270 @ 4W at 1.60GHz
:: ntel Corporation Mobile 945GSE Express Integrated Graphics Controller (rev 03)
:: LED WSVGA of 10.1" (1,024 x 600)
In Xubuntu 13.10 (beta 2), I don't have a Default.keyring file.
toz@xubuntu1310:~/.local/share/keyrings$ ls login.keyring user.keystore
Both of those files appear to be encrypted.
Yes some people in another forum also say the same thing. I wonder why the file is not encrypted on my machines. I'm going to try to uninstall libgnome-keyring but Chromium seems to gripe (where Firefox doesn't) if Default.keyring is simply deleted. Presumably Chromium can store passwords within its own configuration and / files.
Actually I've looked now and it looks like too much other stuff will be taken with the gnome-keyring items including Banshee and Chromium. I'll see what 13.10 is like otherwise I'm going to move to another Xfce distro.