[regression] lock screen bypass with touchpad

Bug #1321043 reported by Seth Arnold on 2014-05-19
This bug affects 3 people
Affects | Status | Importance | Assigned to | Milestone
Unity | Fix Released | Critical | Andrea Azzarone |
7.2 | Fix Released | Critical | Andrea Azzarone |
unity (Ubuntu) | | Critical | Andrea Azzarone |
Trusty | | Undecided | Unassigned |

Bug Description

[Impact]
Using 3/4-finger gestures on touchpads when Unity is locked might make the switcher or the dash show up.

[Test case]
1) Lock the unity screen with Super+L
2) Use the [1] three fingers gesture to show the switcher or the four fingers tap to
   show the dash
3) Nothing should be shown.

[Regression Potential]
There's basically no regression potential. Gestures are just disabled when the screen is locked.

[1] https://wiki.ubuntu.com/Multitouch#Supported_Gestures

-----

László Gyaraki has reported a lock screen bypass using the touchpad; his video appears to use three-finger or four-finger use of his touchpad in conjunction with some gestures to bring up windows from the locked session.

His demonstration video can be found here: http://ubuntuone.com/28JQHOlYozn5SKe4jcmb3p (61 megabytes, video/3gpp).

Thanks
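The fix rationale in the description ("gestures are just disabled when the screen is locked"), sketched as an added example that is not Unity's code: every type and function name below is hypothetical. It contrasts per-path lock checks, where a gesture handler can be wired in without one, with a single gate shared by all input sources, and replays the report's test case against both.

```cpp
// Added illustration: every name here is hypothetical, not taken from Unity's source.
#include <cstddef>
#include <string>
#include <vector>

struct Shell {
    bool locked = false;
    std::vector<std::string> shown;  // surfaces raised on screen
    void Show(const std::string& what) { shown.push_back(what); }
};

// Regressed shape: each path checks the lock itself; the gesture path has no check.
struct PerPathInput {
    Shell& shell;
    void OnShortcut(const std::string& action) {
        if (shell.locked) return;    // keyboard path checks the lock
        shell.Show(action);
    }
    void OnGesture(const std::string& action) {
        shell.Show(action);          // missing check: runs while locked
    }
};

// Fixed shape: all sources pass one gate that consults the lock state,
// so a newly added input path cannot skip the check.
struct GatedInput {
    Shell& shell;
    bool Dispatch(const std::string& action) {
        if (shell.locked) return false;  // dropped whatever the source
        shell.Show(action);
        return true;
    }
    void OnShortcut(const std::string& a) { Dispatch(a); }
    void OnGesture(const std::string& a) { Dispatch(a); }
};

// Replays the report's test case (lock, then the three-finger and four-finger
// gestures) and returns how many surfaces were raised while locked; 0 passes.
template <typename Input>
std::size_t SurfacesShownWhileLocked() {
    Shell shell;
    shell.locked = true;
    Input input{shell};
    input.OnShortcut("switcher");
    input.OnGesture("switcher");  // three-finger gesture
    input.OnGesture("dash");      // four-finger tap
    return shell.shown.size();
}
int main() { return SurfacesShownWhileLocked<GatedInput>() == 0 ? 0 : 1; }
```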

hexafraction (rarkenin) wrote :

I'm having trouble downloading this video, could you, to make triagers' lives easier, textually describe the actions the video's author takes?

Seth Arnold (seth-arnold) wrote :

hexafraction, sure; he locks the screen using the gear -> lock menu; he waits until the password prompt is visible; he uses three or four fingers on the touchpad to bring up something very similar to alt-tab or alt+` display of running windows.

Andrea Azzarone (azzar1) on 2014-05-20
tags: added: lockscreen
Chris Coulson (chrisccoulson) wrote :

I can at least partially confirm this using my Apple Magic Trackpad. Using a 3 finger tap followed by a 3 finger hold, I get the window switcher to appear on top of the lock screen. I can then drag my fingers to cycle through the windows but I haven't yet been able to get any windows to appear on top of the lock screen.

Andrea Azzarone (azzar1) on 2014-05-20
Changed in unity:
importance: Undecided → Critical
assignee: nobody → Andrea Azzarone (andyrock)
Changed in unity (Ubuntu):
assignee: nobody → Andrea Azzarone (andyrock)
summary: - lock screen bypass with touchpad
+ [regression] lock screen bypass with touchpad
Changed in unity:
status: New → In Progress
Changed in unity (Ubuntu):
status: New → In Progress
Andrea Azzarone (azzar1) on 2014-05-20
Changed in unity:
milestone: none → 7.2.1
Andrea Azzarone (azzar1) wrote :

@Chris can you try the linked branch? Ubuntu does not support my multitouch device so I'm not able to reproduce the bug. Please tell me if you need a PPA.

Adolfo Jayme (fitojb) on 2014-05-31
Changed in unity (Ubuntu):
importance: Undecided → Critical
Stephen M. Webb (bregma) on 2014-06-04
Changed in unity:
milestone: 7.2.1 → 7.2.2
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package unity - 7.2.0+14.10.20140607-0ubuntu1

---------------
unity (7.2.0+14.10.20140607-0ubuntu1) utopic; urgency=low

  [ Chris Townsend ]
  * Fix issue where the number of Launcher icon pips are not always
    properly updated when a new window of an already running application
    is opened. (LP: #1283775)
  * Fix issue where the Panel shadow would get drawn over drop down
    windows in full screen windows. (LP: #1316005)

  [ Andrea Azzarone ]
  * Clear the clipboard when locking the screen. (LP: #1308911)
  * Disable switcher gestures if screen is locked. Fixed a regression.
    (LP: #1321043)
  * Pass the correct options to showLauncherKeyTerminate in
    UnityScreen::OnLockScreen (LP: #1320438)
  * Fix skype indicator blinking. (LP: #1310200)

  [ Marco Trevisan (Treviño) ]
  * PluginAdapter: try to grab the screen to make sure that the screen
    is not grabbed FocusIn event with NotifyGrab mode is not always
    triggered by X when a window takes the grab, then we need to ensure
    that there's no grab by trying to get one. We only care about
    keyboard here, since pointer grabs don't affect us in general. (LP:
    #741869)
  * ShortcutView: use RawPixel's for the size values and convert them to
    match current scaling Plus dinamically allocate horizontal space,
    not to cut the text. (LP: #924840)
 -- Ubuntu daily release <email address hidden> Sat, 07 Jun 2014 16:27:46 +0000

Changed in unity (Ubuntu):
status: In Progress → Fix Released
Changed in unity:
status: In Progress → Fix Committed
milestone: 7.2.2 → 7.3.0
Stephen M. Webb (bregma) on 2014-06-20
Changed in unity:
status: Fix Committed → Fix Released
description: updated

Hello Seth, or anyone else affected,

Accepted unity into trusty-proposed. The package will build now and be available at http://launchpad.net/ubuntu/+source/unity/7.2.2+14.04.20140714-0ubuntu1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in unity (Ubuntu Trusty):
status: New → Fix Committed
tags: added: verification-needed
Seth Arnold (seth-arnold) wrote :

Marco, Andrea, I don't have a gesture-capable touchpad and can't test this SRU myself.

Thanks

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package unity - 7.2.2+14.04.20140714-0ubuntu1

---------------
unity (7.2.2+14.04.20140714-0ubuntu1) trusty; urgency=medium

  [ Alfred Neumayer ]
  * Restore the launcher position by reversing the animation and
    unsetting the DND_PUSHED_OFF quirk. (LP: #1304882)

  [ Brandon Schaefer ]
  * TextInput: move the warning icon inside the input field, render it
    white (LP: #1307738)
  * ShutdownView: Scale up the Buttons and Text plus Borders of the
    UnityWindowView. (LP: #1308323)
  * Lockscreen warning icon needs a tooltip to say what the warning is
    about! (LP: #1308288)

  [ Marco Trevisan (Treviño) ]
  * UnityScreen: always paint the lockscreen above, just add menu and
    onboard as exceptions Some code cleanup, factorizing similar code.
    (LP: #1313280)
  * ApplicationLauncherIcon: Focus and, in case, Spread the windows on
    DnD After 1 second that an user is over an icon, that icon should
    focus the relative application and Spread its windows if it has more
    than one opened. Correctly handle the DnD scale in launcher, and
    apply glow to the icon under pointer. (LP: #607796)
  * ShutdownView: Scale up the Buttons and Text plus Borders of the
    UnityWindowView. (LP: #1308323)
  * SwitcherView: use RawPixel's for the size values and convert them to
    match current scaling (LP: #1317348)
  * PluginAdapter: try to grab the screen to make sure that the screen
    is not grabbed FocusIn event with NotifyGrab mode is not always
    triggered by X when a window takes the grab, then we need to ensure
    that there's no grab by trying to get one. We only care about
    keyboard here, since pointer grabs don't affect us in general.
    (LP: #741869)
  * ShortcutView: use RawPixel's for the size values and convert them to
    match current scaling Plus dinamically allocate horizontal space,
    not to cut the text. (LP: #924840)

  [ Chris Townsend ]
  * Fix issue where scaling the edge illumination up and down with the
    size of the Launcher icons would cause the illumination border to be
    offset and smaller than the icon. (LP: #1309739)
  * Fix issue where the number of Launcher icon pips are not always
    properly updated when a new window of an already running application
    is opened. (LP: #1283775)
  * Fix issue where the Panel shadow would get drawn over drop down
    windows in full screen windows. (LP: #1316005)
  * Bump upstream release to 7.2.2.

  [ Andrea Azzarone ]
  * Clear the clipboard when locking the screen. (LP: #1308911)
  * Disable switcher gestures if screen is locked. Fixed a regression.
    (LP: #1321043)
  * Pass the correct options to showLauncherKeyTerminate in
    UnityScreen::OnLockScreen (LP: #1320438)
  * Fix skype indicator blinking. (LP: #1310200)
  * Add a warning in the session dialog if other sessions are still
    open. (LP: #1281058)

  [ Ubuntu daily release ]
  * New rebuild forced
 -- Ubuntu daily release <email address hidden> Mon, 14 Jul 2014 14:31:00 +0000

Changed in unity (Ubuntu Trusty):
status: Fix Committed → Fix Released

The Unity 7.2.2+14.04.20140714-0ubuntu1 is perfect! Thank you!

tags: added: verification-done
removed: verification-needed
This report contains Public Security information
Everyone can see this security related information.