[gutsy] unredirect-fullscreen-windows option breaks gnome-screensaver locking behavior
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
compiz (Ubuntu) |
Fix Released
|
High
|
Mirco Müller | ||
xorg (Ubuntu) |
Invalid
|
Undecided
|
raad |
Bug Description
Binary package hint: compiz
I have some weird misbehaviour of gnome-screensaver in combination with compiz fusion in gutsy.
It is not 100% reproductible but happens most of the time.
It looks like compiz does not let the screensaver lock the screen properly:
when the "unlock screen" dialog appears, it does not have the focus: One can not enter a password to unlock the screen.
What is much worse is that an OTHER window has the focus: with the screen locked, I was able to enter commands in an opened terminal.
I was even able to see their output thanks to compiz: it lets me cycle through window, showing me its usual composited alt-tab...
Changing desktop was also possible, but I could not trigger the scale plugin by going to a screen edge.
The focus seems to come back to the screensaver after a while (but one can still cycle through other windows and change desktop).
Disabling desktop effects and using plain metacity, everything works as expected.
It happens at least with the last 3 git snapshots of compiz in gutsy, AFAIR it did not happen with feisty.
Note: I am tempted to consider this as a security vulnerability as it allows to circumvent the "protection" offered by a screensaver. Should it be considered as such ?
output of dpkg -l | grep compiz:
ii compiz 1:0.5.1+
ii compiz-bcop 0.0.0+git200706
ii compiz-core 1:0.5.1+
ii compiz-dev 1:0.5.1+
ii compiz-
ii compiz-
ii compiz-gnome 1:0.5.1+
ii compiz-plugins 1:0.5.1+
ii compizconfig-
ii libcompizconfig
ii libcompizconfig0 0.0+git20070626
ii python-compizconfig 0.0.0+git200706
Related branches
Changed in compiz: | |
importance: | Undecided → High |
status: | New → Confirmed |
Changed in compiz: | |
importance: | Medium → High |
Changed in compiz: | |
status: | Confirmed → Fix Committed |
Changed in compiz: | |
assignee: | mvo → macslow |
Changed in compiz: | |
milestone: | ubuntu-7.10-rc → none |
I can definitely confirm this. In fact, I had my IRC window gain focus while I typed in my password. Thankfully I typoed it, but I think this should be classified as a security vulnerability.