I concur with Igor's last comment. I've recently started using an extension for Mozilla Firefox which integrates Firefox's password cache with the GNOME keyring and I was shocked to find that one could open seahorse and browse all of the passwords therein (within any unlocked keyring; I use the default login keyring) as plain text. It's one thing to unlock a key ring and allow a programme to access these passwords for the entire session (though it would be nice to see options to re-lock a keyring after x minutes and/or every time the screen locks), it's quite another to allow any interloper to access those passwords as plain text.
I hope that this gets fixed soon. This seems like a fairly old/established bug, and one would have hoped a security issue like this would have been fixed by now. I don't mean to be patronising, condescending or a back-seat driver mind. I was just startled that such an obvious security hole existed.
I concur with Igor's last comment. I've recently started using an extension for Mozilla Firefox which integrates Firefox's password cache with the GNOME keyring and I was shocked to find that one could open seahorse and browse all of the passwords therein (within any unlocked keyring; I use the default login keyring) as plain text. It's one thing to unlock a key ring and allow a programme to access these passwords for the entire session (though it would be nice to see options to re-lock a keyring after x minutes and/or every time the screen locks), it's quite another to allow any interloper to access those passwords as plain text.
I hope that this gets fixed soon. This seems like a fairly old/established bug, and one would have hoped a security issue like this would have been fixed by now. I don't mean to be patronising, condescending or a back-seat driver mind. I was just startled that such an obvious security hole existed.