You didn't understand what I wrote. Authentication with PAM or equivalent requires some kind of input data. If you _save_ your password then you simply _lost_ your chance to allow yourself to require input data.

There are 2 major differences with /etc/shadow:

1) /etc/shadow is only readably by root whereas any user application can read any one other user application's config files. Changing this requires serious work on the architecture of the OS.

2) the input data is encrypted and compared with the entry on /etc/shadow. If they match, the user is authenticated. Nothing is decrypted, ever. It'd make password cracking much easier. As I wrote, there is no input data if the passwords are stored, and if the passwords are not stored there is no issue.

The right way to solve the issue without too much changes (although still requires substantial work) is by using a keyring. In fact, many applications could make use of this. But the support for this has to be added in the applications, and you might as well wait a year for Harmattan which has DRM/ACL/capabilities support in the core OS.

PS: And like I wrote, if you have a hostile application which reads your passwords and abuses that then you have other worries. A hostile application could also log your keys, or be a worm. Really, the issue is much, much more different and complicated then. And this is exactly why capability-based security and signed binaries such as in Symbian is a Good Thing because it gives responsibility to those where it matters. The developer is known, their do's and dont's are known, when such isn't known they're denied.