kdesktop_locker crashes if Scim Anthy input is selected
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| kdebase (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Bug Description
#Kubuntu Hardy Heron 7.10
#KDE 3.5.9
#System locale: English (en_GB)
Packages:
kdesktop 4:3.5.9-0ubuntu7.3
scim 1.4.7-3ubuntu8
scim-anthy 1.2.4-1ubuntu2
scim-bridge 0.4.12-1ubuntu1
scim-bridge-agent 0.4.14-1ubuntu2
scim-bridge-
scim-bridge-
scim-bridge-
scim-gtk2-immodule 1.4.7-3ubuntu8
scim-modules-socket 1.4.7-3ubuntu8
skim-scim-anthy 1.2.4-0ubuntu2
skim 1.4.5-4ubuntu3
libskim0 1.4.5-4ubuntu3
Problem:
The screen lock facility will crash if 'cancel' is chosen during the password prompt, so long as one has Anthy selelected as the input method for Scim. When the program crashes, the user is returned to the desktop screen and has in turn succeeded in bypassing the screen lock without knowledge of the password. This could be a potential security issue for systems running Scim.
Steps to reproduce:
Set Scim's input method to 'Anthy,' then either wait for the password protected screensaver to start or lock the screen manually. Now click on the 'cancel' button when the password prompt appears and this should reproduce the crash.
Now, set Scim's input method to 'English/European' and then lock the screen. You should find that clicking cancel removes the password prompt and doesn't crash kdesktop_lock.
| Harald Sitter (apachelogger) wrote | #4 |
| Changed in kdebase: | |
| status: | New → Fix Released |
No else managed to reproduce this one? I'd imagine that it was a pretty crucial one.