Security in seahorse

The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP












1















Being quite a new user (Mint 18.1), I'm a bit abashed by the behaviour between seahorse and the applications that request a password from the wallet. In my case, the ownCloud client asks to store my oC credentials to seahorse so technically I can't auto-start oC without the category in which it is stored ("default") to be unlocked. But once it's unlocked, anyone can have access to the password by ticking "show the password".



Shouldn't "Show the password" require a sudo password? This sounds quite basic to me.



Thanks










share|improve this question


























    1















    Being quite a new user (Mint 18.1), I'm a bit abashed by the behaviour between seahorse and the applications that request a password from the wallet. In my case, the ownCloud client asks to store my oC credentials to seahorse so technically I can't auto-start oC without the category in which it is stored ("default") to be unlocked. But once it's unlocked, anyone can have access to the password by ticking "show the password".



    Shouldn't "Show the password" require a sudo password? This sounds quite basic to me.



    Thanks










    share|improve this question
























      1












      1








      1








      Being quite a new user (Mint 18.1), I'm a bit abashed by the behaviour between seahorse and the applications that request a password from the wallet. In my case, the ownCloud client asks to store my oC credentials to seahorse so technically I can't auto-start oC without the category in which it is stored ("default") to be unlocked. But once it's unlocked, anyone can have access to the password by ticking "show the password".



      Shouldn't "Show the password" require a sudo password? This sounds quite basic to me.



      Thanks










      share|improve this question














      Being quite a new user (Mint 18.1), I'm a bit abashed by the behaviour between seahorse and the applications that request a password from the wallet. In my case, the ownCloud client asks to store my oC credentials to seahorse so technically I can't auto-start oC without the category in which it is stored ("default") to be unlocked. But once it's unlocked, anyone can have access to the password by ticking "show the password".



      Shouldn't "Show the password" require a sudo password? This sounds quite basic to me.



      Thanks







      security password






      share|improve this question













      share|improve this question











      share|improve this question




      share|improve this question










      asked Feb 7 '17 at 19:54









      jfkjfk

      115




      115




















          1 Answer
          1






          active

          oldest

          votes


















          1














          The whole point of a password wallet is that applications can retrieve passwords from the wallet and send them to the service that requires the password. The wallet is stored encrypted, your login password is used to decrypt it when you log in.



          Seahorse isn't the wallet application, it's an application that allows you to browse and edit your wallet. It has the same access permissions as any other program you run.



          It is not true that “anyone can have access to the password”. Only a program running on your account can access the password. Any program you run on your account is effectively you — it's acting on your behalf.



          “Show the password” is exactly the same operation as “retrieve the password to use it to log in somewhere”. This doesn't require root access. Root access is about doing things that affect all users of the machine, such as configuring hardware or installed software. Your passwords are yours only, and typing your password when you log in or when you unlock your screen shows to the computer that you are you.



          There are protocols that allow “locking up” a password inside a secure environment, such that the password can never be extracted from it (except with higher privileges, possibly only through physical attacks), the secure environment only allows using that password as part of a login attempt and what comes out of the secure environment is a one-time token derived from the password that a remote service can verify. Such protocols are not very common, and where they're implemented (e.g. OAuth), the secure environment is usually a third-party cloud service.



          Your question sounds like you're used to the security model of mobile operating systems such as iOS and Android. Those systems have a peculiar security model where they isolate applications from each other. Desktop OSes such as Linux and Windows don't do that, they only isolate users from each other. Furthermore those systems have a very peculiar security model where the user does not have full control of the software running on the device, even though they legally own the hardware, unless the device has been “jailbroken” (“rooted”). With a desktop system, your computer is yours, you aren't restricted from accessing the data on it. Your passwords are your data, so you can access them, and which application you use to do this is entirely your business.






          share|improve this answer























          • Thank you for your answer and your clarification. Indeed seahorse is an editor of the wallet, sorry for the imprecision. However, I disagree with you on the safety of the principle. When I said "anyone can have access to the password' I meant "anyone who would accidentally use my session could have access to those sensitive data". To me there is some kind of breach here. (see below...)

            – jfk
            Feb 8 '17 at 8:36












          • In any case, I solved the issue by entering no password to access the wallet and delete seahorse. That way if the situation above-mentionned would occur, the user would have to download an editor in order to access those credentials and this require to provide a sudo password for installation. Could you confirm that it is not possible to access the wallet without a sudo command? Thank you very much

            – jfk
            Feb 8 '17 at 8:36












          • @jfk Deleting seahorse does not change the security of the system in any way. If someone has access to your session, they could just download it, or they could use any other program that accesses the wallet. Using sudo is only necessary to affect the system as a whole, for example to install a program for all users. You could install seahorse or any other program on your account, sudo is not needed for that, it's just more convenient to use the package manager.

            – Gilles
            Feb 8 '17 at 11:59











          • @jfk I must warn you that you clearly do not understand the security of your system. I strongly recommend that you do not try to improve it: what you do is very likely to make it worse. Furthermore, I recommend that you actually read my answer. In your comments, you're asking me to “confirm” things where I explained the exact opposite in my answer.

            – Gilles
            Feb 8 '17 at 12:00











          • Thanks Gilles, the debate is very useful to me. If you don't mind, I'd like to be sure that I've understood what you explained. My Linux partition is encrypted and I'm the only user. To avoid entering twice a password, I auto-log. So having the wallet stored unencrypted didn't appear as an issue to me since that configuration mirrors the role of the classical login and its relationship to the wallet you described. In both cases we have a session open with an unencrypted wallet. The only difference is that for my configuration to be hacked it requires a much more experienced user, whereas

            – jfk
            Feb 8 '17 at 20:32











          Your Answer








          StackExchange.ready(function()
          var channelOptions =
          tags: "".split(" "),
          id: "106"
          ;
          initTagRenderer("".split(" "), "".split(" "), channelOptions);

          StackExchange.using("externalEditor", function()
          // Have to fire editor after snippets, if snippets enabled
          if (StackExchange.settings.snippets.snippetsEnabled)
          StackExchange.using("snippets", function()
          createEditor();
          );

          else
          createEditor();

          );

          function createEditor()
          StackExchange.prepareEditor(
          heartbeatType: 'answer',
          autoActivateHeartbeat: false,
          convertImagesToLinks: false,
          noModals: true,
          showLowRepImageUploadWarning: true,
          reputationToPostImages: null,
          bindNavPrevention: true,
          postfix: "",
          imageUploader:
          brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
          contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
          allowUrls: true
          ,
          onDemand: true,
          discardSelector: ".discard-answer"
          ,immediatelyShowMarkdownHelp:true
          );



          );













          draft saved

          draft discarded


















          StackExchange.ready(
          function ()
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f343263%2fsecurity-in-seahorse%23new-answer', 'question_page');

          );

          Post as a guest















          Required, but never shown

























          1 Answer
          1






          active

          oldest

          votes








          1 Answer
          1






          active

          oldest

          votes









          active

          oldest

          votes






          active

          oldest

          votes









          1














          The whole point of a password wallet is that applications can retrieve passwords from the wallet and send them to the service that requires the password. The wallet is stored encrypted, your login password is used to decrypt it when you log in.



          Seahorse isn't the wallet application, it's an application that allows you to browse and edit your wallet. It has the same access permissions as any other program you run.



          It is not true that “anyone can have access to the password”. Only a program running on your account can access the password. Any program you run on your account is effectively you — it's acting on your behalf.



          “Show the password” is exactly the same operation as “retrieve the password to use it to log in somewhere”. This doesn't require root access. Root access is about doing things that affect all users of the machine, such as configuring hardware or installed software. Your passwords are yours only, and typing your password when you log in or when you unlock your screen shows to the computer that you are you.



          There are protocols that allow “locking up” a password inside a secure environment, such that the password can never be extracted from it (except with higher privileges, possibly only through physical attacks), the secure environment only allows using that password as part of a login attempt and what comes out of the secure environment is a one-time token derived from the password that a remote service can verify. Such protocols are not very common, and where they're implemented (e.g. OAuth), the secure environment is usually a third-party cloud service.



          Your question sounds like you're used to the security model of mobile operating systems such as iOS and Android. Those systems have a peculiar security model where they isolate applications from each other. Desktop OSes such as Linux and Windows don't do that, they only isolate users from each other. Furthermore those systems have a very peculiar security model where the user does not have full control of the software running on the device, even though they legally own the hardware, unless the device has been “jailbroken” (“rooted”). With a desktop system, your computer is yours, you aren't restricted from accessing the data on it. Your passwords are your data, so you can access them, and which application you use to do this is entirely your business.






          share|improve this answer























          • Thank you for your answer and your clarification. Indeed seahorse is an editor of the wallet, sorry for the imprecision. However, I disagree with you on the safety of the principle. When I said "anyone can have access to the password' I meant "anyone who would accidentally use my session could have access to those sensitive data". To me there is some kind of breach here. (see below...)

            – jfk
            Feb 8 '17 at 8:36












          • In any case, I solved the issue by entering no password to access the wallet and delete seahorse. That way if the situation above-mentionned would occur, the user would have to download an editor in order to access those credentials and this require to provide a sudo password for installation. Could you confirm that it is not possible to access the wallet without a sudo command? Thank you very much

            – jfk
            Feb 8 '17 at 8:36












          • @jfk Deleting seahorse does not change the security of the system in any way. If someone has access to your session, they could just download it, or they could use any other program that accesses the wallet. Using sudo is only necessary to affect the system as a whole, for example to install a program for all users. You could install seahorse or any other program on your account, sudo is not needed for that, it's just more convenient to use the package manager.

            – Gilles
            Feb 8 '17 at 11:59











          • @jfk I must warn you that you clearly do not understand the security of your system. I strongly recommend that you do not try to improve it: what you do is very likely to make it worse. Furthermore, I recommend that you actually read my answer. In your comments, you're asking me to “confirm” things where I explained the exact opposite in my answer.

            – Gilles
            Feb 8 '17 at 12:00











          • Thanks Gilles, the debate is very useful to me. If you don't mind, I'd like to be sure that I've understood what you explained. My Linux partition is encrypted and I'm the only user. To avoid entering twice a password, I auto-log. So having the wallet stored unencrypted didn't appear as an issue to me since that configuration mirrors the role of the classical login and its relationship to the wallet you described. In both cases we have a session open with an unencrypted wallet. The only difference is that for my configuration to be hacked it requires a much more experienced user, whereas

            – jfk
            Feb 8 '17 at 20:32
















          1














          The whole point of a password wallet is that applications can retrieve passwords from the wallet and send them to the service that requires the password. The wallet is stored encrypted, your login password is used to decrypt it when you log in.



          Seahorse isn't the wallet application, it's an application that allows you to browse and edit your wallet. It has the same access permissions as any other program you run.



          It is not true that “anyone can have access to the password”. Only a program running on your account can access the password. Any program you run on your account is effectively you — it's acting on your behalf.



          “Show the password” is exactly the same operation as “retrieve the password to use it to log in somewhere”. This doesn't require root access. Root access is about doing things that affect all users of the machine, such as configuring hardware or installed software. Your passwords are yours only, and typing your password when you log in or when you unlock your screen shows to the computer that you are you.



          There are protocols that allow “locking up” a password inside a secure environment, such that the password can never be extracted from it (except with higher privileges, possibly only through physical attacks), the secure environment only allows using that password as part of a login attempt and what comes out of the secure environment is a one-time token derived from the password that a remote service can verify. Such protocols are not very common, and where they're implemented (e.g. OAuth), the secure environment is usually a third-party cloud service.



          Your question sounds like you're used to the security model of mobile operating systems such as iOS and Android. Those systems have a peculiar security model where they isolate applications from each other. Desktop OSes such as Linux and Windows don't do that, they only isolate users from each other. Furthermore those systems have a very peculiar security model where the user does not have full control of the software running on the device, even though they legally own the hardware, unless the device has been “jailbroken” (“rooted”). With a desktop system, your computer is yours, you aren't restricted from accessing the data on it. Your passwords are your data, so you can access them, and which application you use to do this is entirely your business.






          share|improve this answer























          • Thank you for your answer and your clarification. Indeed seahorse is an editor of the wallet, sorry for the imprecision. However, I disagree with you on the safety of the principle. When I said "anyone can have access to the password' I meant "anyone who would accidentally use my session could have access to those sensitive data". To me there is some kind of breach here. (see below...)

            – jfk
            Feb 8 '17 at 8:36












          • In any case, I solved the issue by entering no password to access the wallet and delete seahorse. That way if the situation above-mentionned would occur, the user would have to download an editor in order to access those credentials and this require to provide a sudo password for installation. Could you confirm that it is not possible to access the wallet without a sudo command? Thank you very much

            – jfk
            Feb 8 '17 at 8:36












          • @jfk Deleting seahorse does not change the security of the system in any way. If someone has access to your session, they could just download it, or they could use any other program that accesses the wallet. Using sudo is only necessary to affect the system as a whole, for example to install a program for all users. You could install seahorse or any other program on your account, sudo is not needed for that, it's just more convenient to use the package manager.

            – Gilles
            Feb 8 '17 at 11:59











          • @jfk I must warn you that you clearly do not understand the security of your system. I strongly recommend that you do not try to improve it: what you do is very likely to make it worse. Furthermore, I recommend that you actually read my answer. In your comments, you're asking me to “confirm” things where I explained the exact opposite in my answer.

            – Gilles
            Feb 8 '17 at 12:00











          • Thanks Gilles, the debate is very useful to me. If you don't mind, I'd like to be sure that I've understood what you explained. My Linux partition is encrypted and I'm the only user. To avoid entering twice a password, I auto-log. So having the wallet stored unencrypted didn't appear as an issue to me since that configuration mirrors the role of the classical login and its relationship to the wallet you described. In both cases we have a session open with an unencrypted wallet. The only difference is that for my configuration to be hacked it requires a much more experienced user, whereas

            – jfk
            Feb 8 '17 at 20:32














          1












          1








          1







          The whole point of a password wallet is that applications can retrieve passwords from the wallet and send them to the service that requires the password. The wallet is stored encrypted, your login password is used to decrypt it when you log in.



          Seahorse isn't the wallet application, it's an application that allows you to browse and edit your wallet. It has the same access permissions as any other program you run.



          It is not true that “anyone can have access to the password”. Only a program running on your account can access the password. Any program you run on your account is effectively you — it's acting on your behalf.



          “Show the password” is exactly the same operation as “retrieve the password to use it to log in somewhere”. This doesn't require root access. Root access is about doing things that affect all users of the machine, such as configuring hardware or installed software. Your passwords are yours only, and typing your password when you log in or when you unlock your screen shows to the computer that you are you.



          There are protocols that allow “locking up” a password inside a secure environment, such that the password can never be extracted from it (except with higher privileges, possibly only through physical attacks), the secure environment only allows using that password as part of a login attempt and what comes out of the secure environment is a one-time token derived from the password that a remote service can verify. Such protocols are not very common, and where they're implemented (e.g. OAuth), the secure environment is usually a third-party cloud service.



          Your question sounds like you're used to the security model of mobile operating systems such as iOS and Android. Those systems have a peculiar security model where they isolate applications from each other. Desktop OSes such as Linux and Windows don't do that, they only isolate users from each other. Furthermore those systems have a very peculiar security model where the user does not have full control of the software running on the device, even though they legally own the hardware, unless the device has been “jailbroken” (“rooted”). With a desktop system, your computer is yours, you aren't restricted from accessing the data on it. Your passwords are your data, so you can access them, and which application you use to do this is entirely your business.






          share|improve this answer













          The whole point of a password wallet is that applications can retrieve passwords from the wallet and send them to the service that requires the password. The wallet is stored encrypted, your login password is used to decrypt it when you log in.



          Seahorse isn't the wallet application, it's an application that allows you to browse and edit your wallet. It has the same access permissions as any other program you run.



          It is not true that “anyone can have access to the password”. Only a program running on your account can access the password. Any program you run on your account is effectively you — it's acting on your behalf.



          “Show the password” is exactly the same operation as “retrieve the password to use it to log in somewhere”. This doesn't require root access. Root access is about doing things that affect all users of the machine, such as configuring hardware or installed software. Your passwords are yours only, and typing your password when you log in or when you unlock your screen shows to the computer that you are you.



          There are protocols that allow “locking up” a password inside a secure environment, such that the password can never be extracted from it (except with higher privileges, possibly only through physical attacks), the secure environment only allows using that password as part of a login attempt and what comes out of the secure environment is a one-time token derived from the password that a remote service can verify. Such protocols are not very common, and where they're implemented (e.g. OAuth), the secure environment is usually a third-party cloud service.



          Your question sounds like you're used to the security model of mobile operating systems such as iOS and Android. Those systems have a peculiar security model where they isolate applications from each other. Desktop OSes such as Linux and Windows don't do that, they only isolate users from each other. Furthermore those systems have a very peculiar security model where the user does not have full control of the software running on the device, even though they legally own the hardware, unless the device has been “jailbroken” (“rooted”). With a desktop system, your computer is yours, you aren't restricted from accessing the data on it. Your passwords are your data, so you can access them, and which application you use to do this is entirely your business.







          share|improve this answer












          share|improve this answer



          share|improve this answer










          answered Feb 8 '17 at 1:07









          GillesGilles

          544k12811011619




          544k12811011619












          • Thank you for your answer and your clarification. Indeed seahorse is an editor of the wallet, sorry for the imprecision. However, I disagree with you on the safety of the principle. When I said "anyone can have access to the password' I meant "anyone who would accidentally use my session could have access to those sensitive data". To me there is some kind of breach here. (see below...)

            – jfk
            Feb 8 '17 at 8:36












          • In any case, I solved the issue by entering no password to access the wallet and delete seahorse. That way if the situation above-mentionned would occur, the user would have to download an editor in order to access those credentials and this require to provide a sudo password for installation. Could you confirm that it is not possible to access the wallet without a sudo command? Thank you very much

            – jfk
            Feb 8 '17 at 8:36












          • @jfk Deleting seahorse does not change the security of the system in any way. If someone has access to your session, they could just download it, or they could use any other program that accesses the wallet. Using sudo is only necessary to affect the system as a whole, for example to install a program for all users. You could install seahorse or any other program on your account, sudo is not needed for that, it's just more convenient to use the package manager.

            – Gilles
            Feb 8 '17 at 11:59











          • @jfk I must warn you that you clearly do not understand the security of your system. I strongly recommend that you do not try to improve it: what you do is very likely to make it worse. Furthermore, I recommend that you actually read my answer. In your comments, you're asking me to “confirm” things where I explained the exact opposite in my answer.

            – Gilles
            Feb 8 '17 at 12:00











          • Thanks Gilles, the debate is very useful to me. If you don't mind, I'd like to be sure that I've understood what you explained. My Linux partition is encrypted and I'm the only user. To avoid entering twice a password, I auto-log. So having the wallet stored unencrypted didn't appear as an issue to me since that configuration mirrors the role of the classical login and its relationship to the wallet you described. In both cases we have a session open with an unencrypted wallet. The only difference is that for my configuration to be hacked it requires a much more experienced user, whereas

            – jfk
            Feb 8 '17 at 20:32


















          • Thank you for your answer and your clarification. Indeed seahorse is an editor of the wallet, sorry for the imprecision. However, I disagree with you on the safety of the principle. When I said "anyone can have access to the password' I meant "anyone who would accidentally use my session could have access to those sensitive data". To me there is some kind of breach here. (see below...)

            – jfk
            Feb 8 '17 at 8:36












          • In any case, I solved the issue by entering no password to access the wallet and delete seahorse. That way if the situation above-mentionned would occur, the user would have to download an editor in order to access those credentials and this require to provide a sudo password for installation. Could you confirm that it is not possible to access the wallet without a sudo command? Thank you very much

            – jfk
            Feb 8 '17 at 8:36












          • @jfk Deleting seahorse does not change the security of the system in any way. If someone has access to your session, they could just download it, or they could use any other program that accesses the wallet. Using sudo is only necessary to affect the system as a whole, for example to install a program for all users. You could install seahorse or any other program on your account, sudo is not needed for that, it's just more convenient to use the package manager.

            – Gilles
            Feb 8 '17 at 11:59











          • @jfk I must warn you that you clearly do not understand the security of your system. I strongly recommend that you do not try to improve it: what you do is very likely to make it worse. Furthermore, I recommend that you actually read my answer. In your comments, you're asking me to “confirm” things where I explained the exact opposite in my answer.

            – Gilles
            Feb 8 '17 at 12:00











          • Thanks Gilles, the debate is very useful to me. If you don't mind, I'd like to be sure that I've understood what you explained. My Linux partition is encrypted and I'm the only user. To avoid entering twice a password, I auto-log. So having the wallet stored unencrypted didn't appear as an issue to me since that configuration mirrors the role of the classical login and its relationship to the wallet you described. In both cases we have a session open with an unencrypted wallet. The only difference is that for my configuration to be hacked it requires a much more experienced user, whereas

            – jfk
            Feb 8 '17 at 20:32

















          Thank you for your answer and your clarification. Indeed seahorse is an editor of the wallet, sorry for the imprecision. However, I disagree with you on the safety of the principle. When I said "anyone can have access to the password' I meant "anyone who would accidentally use my session could have access to those sensitive data". To me there is some kind of breach here. (see below...)

          – jfk
          Feb 8 '17 at 8:36






          Thank you for your answer and your clarification. Indeed seahorse is an editor of the wallet, sorry for the imprecision. However, I disagree with you on the safety of the principle. When I said "anyone can have access to the password' I meant "anyone who would accidentally use my session could have access to those sensitive data". To me there is some kind of breach here. (see below...)

          – jfk
          Feb 8 '17 at 8:36














          In any case, I solved the issue by entering no password to access the wallet and delete seahorse. That way if the situation above-mentionned would occur, the user would have to download an editor in order to access those credentials and this require to provide a sudo password for installation. Could you confirm that it is not possible to access the wallet without a sudo command? Thank you very much

          – jfk
          Feb 8 '17 at 8:36






          In any case, I solved the issue by entering no password to access the wallet and delete seahorse. That way if the situation above-mentionned would occur, the user would have to download an editor in order to access those credentials and this require to provide a sudo password for installation. Could you confirm that it is not possible to access the wallet without a sudo command? Thank you very much

          – jfk
          Feb 8 '17 at 8:36














          @jfk Deleting seahorse does not change the security of the system in any way. If someone has access to your session, they could just download it, or they could use any other program that accesses the wallet. Using sudo is only necessary to affect the system as a whole, for example to install a program for all users. You could install seahorse or any other program on your account, sudo is not needed for that, it's just more convenient to use the package manager.

          – Gilles
          Feb 8 '17 at 11:59





          @jfk Deleting seahorse does not change the security of the system in any way. If someone has access to your session, they could just download it, or they could use any other program that accesses the wallet. Using sudo is only necessary to affect the system as a whole, for example to install a program for all users. You could install seahorse or any other program on your account, sudo is not needed for that, it's just more convenient to use the package manager.

          – Gilles
          Feb 8 '17 at 11:59













          @jfk I must warn you that you clearly do not understand the security of your system. I strongly recommend that you do not try to improve it: what you do is very likely to make it worse. Furthermore, I recommend that you actually read my answer. In your comments, you're asking me to “confirm” things where I explained the exact opposite in my answer.

          – Gilles
          Feb 8 '17 at 12:00





          @jfk I must warn you that you clearly do not understand the security of your system. I strongly recommend that you do not try to improve it: what you do is very likely to make it worse. Furthermore, I recommend that you actually read my answer. In your comments, you're asking me to “confirm” things where I explained the exact opposite in my answer.

          – Gilles
          Feb 8 '17 at 12:00













          Thanks Gilles, the debate is very useful to me. If you don't mind, I'd like to be sure that I've understood what you explained. My Linux partition is encrypted and I'm the only user. To avoid entering twice a password, I auto-log. So having the wallet stored unencrypted didn't appear as an issue to me since that configuration mirrors the role of the classical login and its relationship to the wallet you described. In both cases we have a session open with an unencrypted wallet. The only difference is that for my configuration to be hacked it requires a much more experienced user, whereas

          – jfk
          Feb 8 '17 at 20:32






          Thanks Gilles, the debate is very useful to me. If you don't mind, I'd like to be sure that I've understood what you explained. My Linux partition is encrypted and I'm the only user. To avoid entering twice a password, I auto-log. So having the wallet stored unencrypted didn't appear as an issue to me since that configuration mirrors the role of the classical login and its relationship to the wallet you described. In both cases we have a session open with an unencrypted wallet. The only difference is that for my configuration to be hacked it requires a much more experienced user, whereas

          – jfk
          Feb 8 '17 at 20:32


















          draft saved

          draft discarded
















































          Thanks for contributing an answer to Unix & Linux Stack Exchange!


          • Please be sure to answer the question. Provide details and share your research!

          But avoid


          • Asking for help, clarification, or responding to other answers.

          • Making statements based on opinion; back them up with references or personal experience.

          To learn more, see our tips on writing great answers.




          draft saved


          draft discarded














          StackExchange.ready(
          function ()
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f343263%2fsecurity-in-seahorse%23new-answer', 'question_page');

          );

          Post as a guest















          Required, but never shown





















































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown

































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown






          Popular posts from this blog

          How to check contact read email or not when send email to Individual?

          Displaying single band from multi-band raster using QGIS

          How many registers does an x86_64 CPU actually have?