lock screen bypass
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| | Unity |
Fix Released
|
Critical
|
Irfan Fauzan | |
| | unity (Ubuntu) |
Critical
|
Marco Trevisan (Treviño) | ||
| | Trusty |
Critical
|
Marc Deslauriers | ||
| | Utopic |
Critical
|
Marco Trevisan (Treviño) | ||
Bug Description
I found a bug allowing a user to bypass the new lock screen of Ubuntu 14.04
1 - When the screen is locked just right click multiple times on the indicator bar (for example on the battery indicator), then shortcuts are available.
2 - Press ALT+F2
3 - you can execute the command you whant on behalf of the logged user.
Here is a video demonstrating this bug : http://
lsb_release -rd
Description: Ubuntu 14.04 LTS
Release: 14.04
Ubuntu version updated the 04/28/2014
apt-cache policy unity
unity:
Installed: 7.2.0+14.
Candidate: 7.2.0+14.
Version table:
*** 7.2.0+14.
500 http://
100 /var/lib/
Related branches
- PS Jenkins bot: Approve (continuous-integration) on 2014-04-28
- Andrea Azzarone: Approve on 2014-04-28
-
Diff: 73 lines (+18/-3)1 file modifiedplugins/unityshell/src/unityshell.cpp (+18/-3)
- PS Jenkins bot: Approve (continuous-integration) on 2014-04-29
- Brandon Schaefer: Approve on 2014-04-29
-
Diff: 311 lines (+93/-26)8 files modifiedlockscreen/LockScreenController.cpp (+12/-3)
lockscreen/LockScreenController.h (+1/-0)
lockscreen/LockScreenShield.cpp (+14/-2)
lockscreen/LockScreenShield.h (+1/-0)
plugins/unityshell/src/unityshell.cpp (+54/-15)
plugins/unityshell/src/unityshell.h (+2/-0)
shutdown/SessionController.cpp (+7/-5)
tests/test_session_controller.cpp (+2/-1)
| information type: | Private Security → Public Security |
| Changed in unity (Ubuntu): | |
| status: | New → Confirmed |
| importance: | Undecided → Critical |
| Changed in unity (Ubuntu): | |
| assignee: | nobody → Brandon Schaefer (brandontschaefer) |
| status: | Confirmed → In Progress |
| Changed in unity: | |
| status: | New → In Progress |
| importance: | Undecided → Critical |
| assignee: | nobody → Brandon Schaefer (brandontschaefer) |
| Changed in unity: | |
| milestone: | none → 7.2.1 |
| Changed in unity: | |
| assignee: | Brandon Schaefer (brandontschaefer) → Marco Trevisan (Treviño) (3v1n0) |
| Changed in unity (Ubuntu): | |
| assignee: | Brandon Schaefer (brandontschaefer) → Marco Trevisan (Treviño) (3v1n0) |
| tags: | added: lockscreen |
| Changed in unity (Ubuntu): | |
| assignee: | Marco Trevisan (Treviño) (3v1n0) → Marc Deslauriers (mdeslaur) |
| Changed in unity (Ubuntu Trusty): | |
| status: | New → In Progress |
| importance: | Undecided → Critical |
| assignee: | nobody → Marc Deslauriers (mdeslaur) |
| Changed in unity (Ubuntu Utopic): | |
| assignee: | Marc Deslauriers (mdeslaur) → Marco Trevisan (Treviño) (3v1n0) |
| Launchpad Janitor (janitor) wrote : | #2 |
This bug was fixed in the package unity - 7.2.0+14.
---------------
unity (7.2.0+
* SECURITY UPDATE: lock screen bypass (LP: #1313885)
- debian/
lockscree
plugins/
-- Marc Deslauriers <email address hidden> Mon, 28 Apr 2014 22:29:13 -0400
| Changed in unity (Ubuntu Trusty): | |
| status: | In Progress → Fix Released |
| azul (azul) wrote : | #4 |
I can still bypass the logscreen by rightclicking the indicators.
In order to reproduce:
Open a Terminal
Press CTRL+ALT+L to lock the screen
right click the indicators some times
type and you will enter into the terminal not the password field
The easiest way to reproduce this is to play some music with mplayer in the terminal. If you can stop the music, skip a song etc. with your keys press CTRL+c to quit mplayer. Now you can type whatever you want and it will be executed.
This probably affects other Programs. I can even switch the terminal with the default shortcuts. I guess i could also start one with CTRL+ALT+T but i need to confirm that.
I just installed the fix above. Have not rebooted though. So that might fix it.
| azul (azul) wrote : | #5 |
Confirmed that CTRL+ALT+T for a new terminal works.
| azul (azul) wrote : | #6 |
reboot did not fix it.
| Marc Deslauriers (mdeslaur) wrote : | #7 |
@azul: please file a new bug, that is likely a different issue.
@azul and @Marc I reported a new bug for the problem discovered by azul.
https:/
| Launchpad Janitor (janitor) wrote : | #9 |
This bug was fixed in the package unity - 7.2.0+14.
---------------
unity (7.2.0+
* SECURITY UPDATE: lock screen bypass (LP: #1313885)
- debian/
lockscree
plugins/
-- Marc Deslauriers <email address hidden> Mon, 28 Apr 2014 22:29:13 -0400
| Changed in unity (Ubuntu Utopic): | |
| status: | In Progress → Fix Released |
| Changed in unity: | |
| status: | In Progress → Fix Committed |
| Changed in unity: | |
| assignee: | Marco Trevisan (Treviño) (3v1n0) → Irfan Fauzan (irfan-it2988) |
| Changed in unity: | |
| status: | Fix Committed → Fix Released |
Hello.
When i tried to unlock the lockscreen,i enter with any password and with no password.
The same is when i log in my session.
My account has a very strong password made during installation.
Thanks for your help.
I can get the dash to pop up (which is an issue), but I cant input anything into the dash. It goes to the input for the lockscreen.
Either way, the command lens shouldn't be popping up.