If a client machine has a menu display on screen, and then the client's screen is locked with Epoptes master, the menu remains displayed and active on top of the locked screen.
Bug #965408 reported by
Daniel
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| Epoptes |
New
|
Undecided
|
Unassigned | ||
Bug Description
Even though I am not a security expert, I think this is a potential security vulnerabity as it enable a client to execute a command on the machine even if they have been lockout.
For example, if I click on the application menu of an of edubuntu 10.04 (which is an epoptes client) and leave the menu displayed, if I am locked out from an epoptes master machine, I would still be able to execute and of the programs on the displayed menu, even though I have been locked out.
Revision history for this message
| Alkis Georgopoulos (alkisg) wrote | #1 |
| security vulnerability: | yes → no |
| visibility: | private → public |
To post a comment you must log in.
It would be a security vulnerability only if by default, without epoptes-client installed, all machines were locked. :)
It's a duplicate of LP bug #880774, marking as such...