User with passwords containing deadkeys may experience problems logging in.

Bug #1161433 reported by Evan Sonnemans on 2013-03-28
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
lightdm (Ubuntu)
Medium
Unassigned

Bug Description

I found a bug that leaves a users unable to log his account in a TTY.

the bug occurs when the user has its keyboard layout set to support deadkeys. and chooses a password with a "^" character.
The graphics interface will not support deadkeys whereas the textmode login (without lightdm) does.

What i expect to happen:
that it does not matter wich login i use, they will be consistent.

What actually happens:
So when a user graphicaly creates a password: "ab[shift-6]c" ([shift-6] is the ^ char on my keyboard)
it will be intepretated as "ab^c" and when he uses the spacebar "ab[shift-6][space]c" it is "ab^ c".

the problem is whatever you try to login in TTY it wont work.

the other way around is the same a password with the "^" created in TTY wont be able to login in graphical.

exalt@edlap:~$ lsb_release -rd
Description: Ubuntu 12.10
Release: 12.10

exalt@edlap:~$ apt-cache policy lightdm
lightdm:
  Installed: 1.4.0-0ubuntu2
  Candidate: 1.4.0-0ubuntu2
  Version table:
 *** 1.4.0-0ubuntu2 0
        500 http://nl.archive.ubuntu.com/ubuntu/ quantal/main amd64 Packages
        100 /var/lib/dpkg/status

exalt@edlap:~$ echo $LANG # both in grapical and TTY
en_US.UTF-8

exalt@edlap:~$ sudo cat /etc/default/keyboard
[sudo] password for exalt:
# Check /usr/share/doc/keyboard-configuration/README.Debian for
# documentation on what to do after having modified this file.

# The following variables describe your keyboard and can have the same
# values as the XkbModel, XkbLayout, XkbVariant and XkbOptions options
# in /etc/X11/xorg.conf.

XKBMODEL="pc105"
XKBLAYOUT="us"
XKBVARIANT="intl"
XKBOPTIONS=""

# If you don't want to use the XKB layout on the console, you can
# specify an alternative keymap. Make sure it will be accessible
# before /usr is mounted.
# KMAP=/etc/console-setup/defkeymap.kmap.gz

ProblemType: Bug
DistroRelease: Ubuntu 12.10
Package: lightdm 1.4.0-0ubuntu2
ProcVersionSignature: Ubuntu 3.5.0-26.42-generic 3.5.7.6
Uname: Linux 3.5.0-26-generic x86_64
ApportVersion: 2.6.1-0ubuntu10
Architecture: amd64
Date: Thu Mar 28 15:25:34 2013
ExecutablePath: /usr/sbin/lightdm
InstallationDate: Installed on 2013-03-20 (7 days ago)
InstallationMedia: Ubuntu 12.10 "Quantal Quetzal" - Release amd64 (20121017.5)
MarkForUpload: True
ProcEnviron:
 TERM=linux
 PATH=(custom, no user)
SourcePackage: lightdm
UpgradeStatus: No upgrade log present (probably fresh install)

Evan Sonnemans (evan-exalt) wrote :

Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privilege boundaries nor directly cause loss of data/privacy. Please feel free to report any other bugs you may find.

information type: Private Security → Public
Changed in lightdm (Ubuntu):
importance: Undecided → Medium
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers