User with passwords containing deadkeys may experience problems logging in.
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| lightdm (Ubuntu) |
New
|
Medium
|
Unassigned | ||
Bug Description
I found a bug that leaves a users unable to log his account in a TTY.
the bug occurs when the user has its keyboard layout set to support deadkeys. and chooses a password with a "^" character.
The graphics interface will not support deadkeys whereas the textmode login (without lightdm) does.
What i expect to happen:
that it does not matter wich login i use, they will be consistent.
What actually happens:
So when a user graphicaly creates a password: "ab[shift-6]c" ([shift-6] is the ^ char on my keyboard)
it will be intepretated as "ab^c" and when he uses the spacebar "ab[shift-
the problem is whatever you try to login in TTY it wont work.
the other way around is the same a password with the "^" created in TTY wont be able to login in graphical.
exalt@edlap:~$ lsb_release -rd
Description: Ubuntu 12.10
Release: 12.10
exalt@edlap:~$ apt-cache policy lightdm
lightdm:
Installed: 1.4.0-0ubuntu2
Candidate: 1.4.0-0ubuntu2
Version table:
*** 1.4.0-0ubuntu2 0
500 http://
100 /var/lib/
exalt@edlap:~$ echo $LANG # both in grapical and TTY
en_US.UTF-8
exalt@edlap:~$ sudo cat /etc/default/
[sudo] password for exalt:
# Check /usr/share/
# documentation on what to do after having modified this file.
# The following variables describe your keyboard and can have the same
# values as the XkbModel, XkbLayout, XkbVariant and XkbOptions options
# in /etc/X11/xorg.conf.
XKBMODEL="pc105"
XKBLAYOUT="us"
XKBVARIANT="intl"
XKBOPTIONS=""
# If you don't want to use the XKB layout on the console, you can
# specify an alternative keymap. Make sure it will be accessible
# before /usr is mounted.
# KMAP=/etc/
ProblemType: Bug
DistroRelease: Ubuntu 12.10
Package: lightdm 1.4.0-0ubuntu2
ProcVersionSign
Uname: Linux 3.5.0-26-generic x86_64
ApportVersion: 2.6.1-0ubuntu10
Architecture: amd64
Date: Thu Mar 28 15:25:34 2013
ExecutablePath: /usr/sbin/lightdm
InstallationDate: Installed on 2013-03-20 (7 days ago)
InstallationMedia: Ubuntu 12.10 "Quantal Quetzal" - Release amd64 (20121017.5)
MarkForUpload: True
ProcEnviron:
TERM=linux
PATH=(custom, no user)
SourcePackage: lightdm
UpgradeStatus: No upgrade log present (probably fresh install)
| Evan Sonnemans (evan-exalt) wrote | #1 |
| Marc Deslauriers (mdeslaur) wrote Bug is not a security issue | #2 |
| information type: | Private Security → Public |
| Changed in lightdm (Ubuntu): | |
| importance: | Undecided → Medium |
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privilege boundaries nor directly cause loss of data/privacy. Please feel free to report any other bugs you may find.