Currently the DRM permission model is roughly “if you've got drm master you can access any buffer and if you don't have drm master you can't access any of master's buffers”. This is ok for the existing fast-user-switching method of spawning a new X server and then VT switching, as the old server drops master and the new server becomes the drm master.
Actually, the above is a lie: currently the DRM permission model is ‘if you're authenticated you can access any buffer any client has shared’, and X proxies drm auth for all clients. VT switching drops master, but dropping master does not drop authentication, so this does not prevent inactive users from snooping on shared buffers.
For the system compositor this is a bit worse, as the root window of the user sessions will be shared buffers.
This bug is missing log files that will aid in diagnosing the problem. From a terminal window please run:
apport-collect 1025525
and then change the status of the bug to 'Confirmed'.
If, due to the nature of the issue you have encountered, you are unable to run this command, please add a comment stating that fact and change the bug status to 'Confirmed'.
This change has been made by an automated script, maintained by the Ubuntu Kernel Team.