light-locker virtual console toggle results in screen contents being displayed

Bug #1284920 reported by ToZ
This bug affects 2 people
Affects Status Importance Assigned to Milestone

Bug Description

Xubuntu 14.04 Beta 1
When the lock screen is activated with light-locker (light-locker-command -l) and the virtula console switched to the first (Ctrl+Alt+F1) then back to the 7th (Ctrl+Alt+F7), for a brief second, the contents of the desktop is displayed before it is overlayed with te black "This session is locked" screen. This poses a potential security risk.

ProblemType: Bug
DistroRelease: Ubuntu 14.04
Package: light-locker 1.2.0-0ubuntu1
ProcVersionSignature: Ubuntu 3.13.0-12.32-generic 3.13.4
Uname: Linux 3.13.0-12-generic i686
ApportVersion: 2.13.2-0ubuntu5
Architecture: i386
CurrentDesktop: XFCE
Date: Tue Feb 25 20:22:52 2014
InstallationDate: Installed on 2014-02-26 (0 days ago)
InstallationMedia: Xubuntu 14.04 LTS "Trusty Tahr" - Alpha i386 (20140225)
SourcePackage: light-locker
UpgradeStatus: No upgrade log present (probably fresh install)

Revision history for this message
ToZ (toz) wrote :
information type: Private Security → Public Security
Revision history for this message
Ubuntu QA Website (ubuntuqa) wrote :

This bug has been reported on the Ubuntu ISO testing tracker.

A list of all reports related to this bug can be found here:

tags: added: iso-testing
Changed in light-locker (Ubuntu):
status: New → Confirmed
Revision history for this message
Rolf Leggewie (r0lf) wrote :

I believe I reported this a few years ago, only to be told things were working as designed :-( Unfortunately, I can't find the ticket anymore. Like you, I consider this a grave security risk.

Revision history for this message
Rolf Leggewie (r0lf) wrote :

I am assigning this to Ubuntu in general because the problem stems not (only) from light-locker, has been around for a long time and is more wide-spread than this package. I believe the root cause of it lies somehwere within X.

affects: light-locker (Ubuntu) → ubuntu
Changed in ubuntu:
importance: Undecided → High
To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.