Encryption Password Visible in Virt Terminal w/Wrong Screen Res
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
lightdm (Ubuntu) |
New
|
Undecided
|
Unassigned |
Bug Description
I have my hard drive set up with encryption. When the machine boots, it asks me for the security key to decrypt the drive. This is normal, expeced behaviour.
However,in my case the screen is not the correct resolution, so I can't type in the box. However, since the box is there and I'm used to tryng that, I have still done it as a matter of habit.
If you type the password for the Security Key and it doen't go into the box, if you switch to a different virtual Terminal (Ctrl+Alt+F1 or Ctrl+Alt+F2 for instance) and then back to the Virtual Terminal which the login manager uses (Ctrl+Alt+F7) instead of seeing the same screen, you get a black screen and at the top is the password to decrypt the drive in plain text.
I can usually get around the incorrect resolution by rebooting, and then a different screen comes up asking for password - an all text screen that doesn't have the issue. However, if the lightDM screen comes up I must always reboot as my password is not being entered into that screen where it should be and can be seen in plain text by switching virtual terminals.
ProblemType: Bug
DistroRelease: Ubuntu 14.10
Package: lightdm 1.12.1-0ubuntu1
ProcVersionSign
Uname: Linux 3.16.0-29-generic x86_64
NonfreeKernelMo
ApportVersion: 2.14.7-0ubuntu8.1
Architecture: amd64
CurrentDesktop: Unity
Date: Thu Jan 29 19:04:13 2015
EcryptfsInUse: Yes
InstallationDate: Installed on 2015-01-28 (1 days ago)
InstallationMedia: Ubuntu 14.10 "Utopic Unicorn" - Release amd64 (20141022.1)
SourcePackage: lightdm
UpgradeStatus: No upgrade log present (probably fresh install)
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privilege boundaries nor directly cause loss of data/privacy. Please feel free to report any other bugs you may find.