[failsafeXinit] launches gnome-terminal or gedit as root without a password
Affects | Status | Importance | Assigned to | Milestone |
---|---|---|---|---|
xorg (Ubuntu) | Fix Released | Medium | Bryce Harrington | |
Intrepid | Invalid | Medium | Unassigned | |
Jaunty | Fix Released | Medium | Bryce Harrington | |
Bug Description
Binary package hint: xorg
If GDM detects that X is failing to start the normal way, it launches /etc/gdm/
Ubuntu Failsafe-X
What would you like to do?
(*) Run Ubuntu in low-graphics mode for just this session
( ) Reconfigure graphics
( ) Troubleshoot the error
( ) Open a terminal
The “Open a terminal” option opens a gnome-terminal as root, *without asking for a password*.
Needless to say, this is a really dumb security problem. There are many things an attacker could do to force GDM to detect that the X server is crashing, such as repeatedly hitting Ctrl+Alt+Backspace. Therefore, anyone can walk up to a running Ubuntu system, open a root terminal, and quickly compromise it.
Some of the other options allow reconfiguring/
Changed in xorg (Ubuntu Jaunty):
status: Triaged → Fix Committed
visibility: private → public
Changed in xorg (Ubuntu Intrepid):
assignee: Bryce Harrington (bryceharrington) → nobody
This bug was fixed in the package xorg - 1:7.4~5ubuntu8
---------------
xorg (1:7.4~5ubuntu8) jaunty; urgency=low
* Disable terminal to prevent root access (LP: #310126)
-- Bryce Harrington <email address hidden> Sun, 21 Dec 2008 00:05:19 -0800