Login password from GDM is shown in plain text on the VT1 console

Bug #1767918 reported by SimonWerner on 2018-04-30
This bug affects 8 people
Affects            Importance  Assigned to
gdm3 (Ubuntu)      High        Unassigned
  Bionic           Undecided   Unassigned
plymouth (Ubuntu)  High        Mathieu Trudel-Lapierre
  Bionic           High        Unassigned

Bug Description

[Impact]
Sessions in specific circumstances when switching to TTY while plymouth is being activated or deactivated.

[Test cases]
Steps to reproduce:
1) Log-in using X11 login via GDM.
2) Use the desktop for a while. (For some reason I cannot reproduce if I login and then restart after a short while).
3) In Gnome click System menu -> Power Button -> Restart
4) Quickly press CTRL-ALT-F1

Validate whether your login password is visible on the TTY.

[Regression Potential]
Possible regressions may include difficulty showing text-mode splash or boot messages given that this changes the state of tty based on plymouth's own activation state.

---

https://gitlab.gnome.org/GNOME/gdm/issues/408

I don't know which package this applies to, but I believe the best bet is GDM.

Steps to reproduce:
1) Log-in using X11 login via GDM.
2) Use the desktop for a while. (For some reason I cannot reproduce if I login and then restart after a short while).
3) In Gnome click System menu -> Power Button -> Restart
4) Quickly press CTRL-ALT-F1
5) I see my login password in plain text in the console. Once I saw the login password repeated twice.

See attached photo with the login password blanked out. Below the password is the console cursor.

## lsb_release -rd
Description: Ubuntu 18.04 LTS
Release: 18.04

## apt-cache policy gdm3
gdm3:
  Installed: 3.28.0-0ubuntu1
  Candidate: 3.28.0-0ubuntu1
  Version table:
 *** 3.28.0-0ubuntu1 500
        500 http://nz.archive.ubuntu.com/ubuntu bionic/main amd64 Packages
        100 /var/lib/dpkg/status

ProblemType: Bug
DistroRelease: Ubuntu 18.04
Package: gdm3 3.28.0-0ubuntu1
ProcVersionSignature: Ubuntu 4.15.0-18.19-generic 4.15.17
Uname: Linux 4.15.0-18-generic x86_64
ApportVersion: 2.20.9-0ubuntu7
Architecture: amd64
CurrentDesktop: ubuntu:GNOME
Date: Mon Apr 30 14:54:07 2018
InstallationDate: Installed on 2018-04-13 (17 days ago)
InstallationMedia: Ubuntu 18.04 LTS "Bionic Beaver" - Beta amd64 (20180404)
SourcePackage: gdm3
UpgradeStatus: No upgrade log present (probably fresh install)

SimonWerner (simonwerner) wrote :
information type: Private Security → Public Security
Daniel van Vugt (vanvugt) wrote :

Sounds like another case of keyboard input passing through the login screen to the VT below.

Changed in gdm3 (Ubuntu):
importance: Undecided → High
Daniel van Vugt (vanvugt) wrote :

Thank you for taking the time to report this bug and helping to make Ubuntu better. This particular bug has already been reported and is a duplicate of bug 1710637, so it is being marked as such. Please look at the other bug report to see if there is any missing information that you can provide, or to see if there is a workaround for the bug. Additionally, any further discussion regarding the bug should occur in the other report. Feel free to continue to report any other bugs you may find.

tags: added: fall-through
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in gdm3 (Ubuntu):
status: New → Confirmed
summary: - Login password is shown in plain text when shutting down
+ Login password is shown in plain text on VT1 when shutting down

In general I can confirm the above described behaviour for my fresh Ubuntu 18.04 upgrade:

- shortly after reboot I can't reproduce the problem either
- after a couple of days of notebook standby/wakeup you suddenly see during reboot or switch user the tty1 screen with all typed usernames/password since last reboot

Changed in gnome-shell (Ubuntu):
importance: Undecided → High
Changed in mutter (Ubuntu):
importance: Undecided → High
Changed in gnome-shell (Ubuntu):
status: New → Confirmed
Changed in mutter (Ubuntu):
status: New → Confirmed
summary: - Login password is shown in plain text on VT1 when shutting down
+ Login password from GDM is shown in plain text on the VT1 console
Jonathan Kamens (jik) wrote :

Yikes, shouldn't this bug be marked private?

Daniel van Vugt (vanvugt) wrote :

No, because multiple people experience this bug and they wouldn't be able to share the same bug if it was private.

Daniel van Vugt (vanvugt) wrote :

Could someone experiencing the bug please report it to the Gnome developers here:
https://gitlab.gnome.org/GNOME/gdm/issues

(I'm not sure if it's going to be in "gdm", "mutter" or "gnome-shell" yet)

SimonWerner (simonwerner) wrote :

@vanvugt, new GDM bug has been created here: https://gitlab.gnome.org/GNOME/gdm/issues/408

description: updated
Daniel van Vugt (vanvugt) wrote :

Looks like a fix has landed upstream. It was a bug in plymouth:

https://gitlab.freedesktop.org/plymouth/plymouth/merge_requests/2

affects: mutter (Ubuntu) → plymouth (Ubuntu)
Changed in plymouth (Ubuntu):
status: Confirmed → Triaged
no longer affects: gnome-shell (Ubuntu)
tags: added: rls-cc-incoming
Sebastien Bacher (seb128) wrote :

the issue is plymouth

Changed in gdm3 (Ubuntu):
status: Confirmed → Invalid
Sebastien Bacher (seb128) wrote :

there is an upstream plymouth commit referenced there, so hopefully just a matter for uploading that change

Changed in plymouth (Ubuntu):
assignee: nobody → Canonical Foundations Team (canonical-foundations)
Changed in plymouth (Ubuntu Bionic):
status: New → Triaged
importance: Undecided → High
tags: added: id-5b9148c9206edc248ed09ba2
description: updated
Changed in plymouth (Ubuntu):
assignee: Canonical Foundations Team (canonical-foundations) → Mathieu Trudel-Lapierre (cyphermox)
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package plymouth - 0.9.3-1ubuntu8

---------------
plymouth (0.9.3-1ubuntu8) cosmic; urgency=medium

  * debian/patches/git_ensure_tty_closed_0a662723.patch: ensure tty is closed
    on deactivate. (LP: #1767918)

 -- Mathieu Trudel-Lapierre <email address hidden> Tue, 11 Sep 2018 18:56:37 -0400

Changed in plymouth (Ubuntu):
status: Triaged → Fix Released

Hello SimonWerner, or anyone else affected,

Accepted plymouth into bionic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/plymouth/0.9.3-1ubuntu7.18.04.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-bionic to verification-done-bionic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-bionic. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Changed in plymouth (Ubuntu Bionic):
status: Triaged → Fix Committed
tags: added: verification-needed verification-needed-bionic
SimonWerner (simonwerner) wrote :

I have tested this with the new version of Plymouth and the problem is not there. I tested this by upgrading to the latest version of Plymouth, and rebooting. Then trying to reproduce the problem by rebooting again and pressing CTRL-ALT-F1. My password was not shown in text mode.

However, I have tested this problem over the last few weeks (as I created the upstream bug report, https://gitlab.gnome.org/GNOME/gdm/issues/408) and I have never been able to reproduce it. My guess that I can't reproduce is hinted by this comment: "Our systems do often boot quick enough that Plymouth doesn't have time to activate, too." made in the upstream bug report. Maybe previously my system booted quicker/slower and I saw the password issue and now it boots slower/quicker and I can't reproduce it.

Anyway, with the new version of Plymouth it seems to not be any worse. It would be good if someone else could test it too.

Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in gdm3 (Ubuntu Bionic):
status: New → Confirmed
Alan Diggs (schyken) wrote :

Tested this on my system and this has solved the issue for me.

@Alan, could you please confirm which version of plymouth you have installed for the tests you did?

Thanks!

Daniel van Vugt (vanvugt) wrote :

Alan would be using 18.04 (bug 1792924).

That's not what I mean though. For SRU verification we should aim to have a positive identification of the exact version of the plymouth package that was used for the tests.

For example, this can be achieved by looking at 'dpkg -l plymouth | cat':

要望=(U)不明/(I)インストール/(R)削除/(P)完全削除/(H)保持
| 状態=(N)無/(I)インストール済/(C)設定/(U)展開/(F)設定失敗/(H)半インストール/(W)トリガ待ち/(T)トリガ保留
|/ エラー?=(空欄)無/(R)要再インストール (状態,エラーの大文字=異常)
||/ 名前 バージョン アーキテクチ 説明
+++-==============-==============-============-==========================================
ii plymouth 0.9.3-1ubuntu8 amd64 boot animation, logger and I/O multiplexer

This is from my PC, on cosmic. The version number on bionic would be different.

@Alan,

Can you confirm which version of plymouth you had installed?

You can use the following command to do so:

dpkg -l plymouth | cat

Bug was confirmed fixed, although we don't have a formal version number for the package that was tested, let's mark this verification-done.

tags: added: verification-done-bionic
removed: verification-needed verification-needed-bionic
Łukasz Zemczak (sil2100) wrote :

I have re-run the failed autopkgtests for systemd for this upload. I doubt that they're actually related, but on the i386 part I saw systemd-fsckd failing that didn't fail recently for any other test-run. Just want to confirm if maybe it was a completely one-off failure or not.

Changed in gdm3 (Ubuntu Bionic):
status: Confirmed → Invalid
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package plymouth - 0.9.3-1ubuntu7.18.04.1

---------------
plymouth (0.9.3-1ubuntu7.18.04.1) bionic; urgency=medium

  * debian/patches/git_ensure_tty_closed_0a662723.patch: ensure tty is closed
    on deactivate. (LP: #1767918)

 -- Mathieu Trudel-Lapierre <email address hidden> Tue, 11 Sep 2018 19:03:58 -0400

Changed in plymouth (Ubuntu Bionic):
status: Fix Committed → Fix Released

The verification of the Stable Release Update for plymouth has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

Leopoldo (leops) wrote :

I still have this problem with clean, fully upgraded Ubuntu 18.04.1 install, in my case, with two users. I log in to one of them, click on "Change user" (or similar in English, I have a Spanish installation) and then GDM password is revealed in VT1.

Daniel van Vugt (vanvugt) wrote :

A new bug would be most appropriate there, since this one has been closed for a while.

Please use this command to open a new bug:

  ubuntu-bug gdm3

FYI -- I saw a recur of this last week and am opening a bug now.

Daniel van Vugt (vanvugt) wrote :

Discussion moved to bug 1803993.

This report contains Public Security information
Everyone can see this security related information.