Re: [Evolution] login password

[Adam Tauno Williams <awilliam whitemice org>]

On Mon, 2011-01-17 at 14:08 -0600, Albert Wagner wrote: 
> On 01/17/2011 11:32 AM, Adam Tauno Williams wrote:
> > On Mon, 2011-01-17 at 11:01 -0600, Albert Wagner wrote:
> > > > And I don't think you need to be particularly "experienced" with them to
> > > > let a program use keyrings - it's just an encrypted store of passwords.
> > > My login password allows anyone with access to it, including evolution
> > > developers, to perform actions requiring root permissions.
> > Er, what?? How do evolution developers have access to your password via
> > use of the keyring?  They don't, can't, and I suspect you don't
> > understand are keyrings work.
> Absolutely right.  But I understand popups.
> A popup message claims that evolution cannot access the keyring without 
> the password used for logging in.  I automatically log in without 
> entering my password.

By default it creates a keyring using your login password [via
integration with GDM?  I don't remember].  Just run Seahorse and change
your keyring password to anything you like.

> > Even if they did have your username and password, which they don't, how
> > would that allow "root" permissions?  Unless you are logging in as root,
> > which you shouldn't.
> Not logged in as root.  But occasionally I use su and sudo.  Are those 
> not available on your distribution?

gnome-su prompts don't typically same the root-password to the keyring
by default; so it doesn't really matter.

Anyway, on a Kerberos-enabled network [which I am], su/sudo are password
free - I don't get prompted for a password [one either has the privilege
to perform an operation or you don't].