Unity Lockscreen shows unlocked desktop while shutting down

Bug #1370017 reported by Margarita Manterola on 2014-09-16
264
This bug affects 2 people
Affects Status Importance Assigned to Milestone
Unity
Fix Released
High
Andrea Azzarone
7.2
Fix Released
High
Andrea Azzarone
unity (Ubuntu)
High
Andrea Azzarone
Trusty
High
Unassigned

Bug Description

[Impact and Test Case]

Steps to reproduce:
1 - Lock the screen
2 - From the lockscreen, tell the computer to shut down / restart

Expected behavior:
* Session programs are closed while the screen is still locked
* During shutdown, no user interaction is possible

Observed behavior:
* The lockscreen is gone immediately, with the rest of compiz (e.g. window decorations are not present)
* But it's possible to interact with programs that are still running in the session for about 3 seconds

Observed on an updated Trusty machine, running unity version 7.2.2+14.04.20140714-0ubuntu1.1

I consider this bug a security vulnerability because during those 3 seconds it could be possible to access and interact with sensitive information. Yes, it's short, but you could take a picture or even rm -rf / if there happened to be a root console available.

[Regression Potential]

An improper implementation of the fix for this issue could result in an indefinite hang during system shutdown, or could result in the problem not being completely fixed and the security vulnerability continuing.

Neither appear to be the case.

[ Other Info ]

The Ubuntu 14.04 LTS SRU has been cherry-picked from upstream Unity where it has been in development-level production code in Ubuntu 'Vivid Vervet' development release for a few months and has not display additional problems.

Related branches

Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in unity (Ubuntu):
status: New → Confirmed
description: updated
description: updated
Changed in unity (Ubuntu):
status: Confirmed → Triaged
tags: added: lockscreen
Changed in unity:
status: New → Triaged

Controlling the shutdown order is not that easy unfortunately, probably moving to upstart would help to fix it.

Changed in unity:
importance: Undecided → Medium
Changed in unity (Ubuntu):
importance: Undecided → High
importance: High → Medium
Changed in unity:
assignee: nobody → Andrea Azzarone (andyrock)
milestone: none → 7.3.1
Andrea Azzarone (azzar1) on 2014-09-19
Changed in unity (Ubuntu):
assignee: nobody → Andrea Azzarone (andyrock)
Andrea Azzarone (azzar1) on 2014-09-23
Changed in unity:
importance: Medium → High
status: Triaged → In Progress
Changed in unity (Ubuntu):
status: Triaged → In Progress
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package unity - 7.3.1+15.04.20141128-0ubuntu1

---------------
unity (7.3.1+15.04.20141128-0ubuntu1) vivid; urgency=low

  [ Andrea Azzarone ]
  * Unmap all windows during shutdown. (LP: #1370017, #1375271)
  * Make sure GetScreenGeometry returns the correct value. (LP:
    #1374785)

  [ Marco Trevisan (Treviño) ]
  * Decorated Window: still paint decorations if on transformated
    windows in different workspaces (LP: #1383468)
  * DecoratedWindow: make sure we always set a _NET_FRAME_EXTENTS for
    windows that requested it
  * UnityScreen: when filtering out windows in spread, make sure we
    unscale them (LP: #1316265)
  * PanelMenuView: ensure that proper window tiles and buttons are shown
    at the right place (LP: #1384958, #1384910, #1385285)
  * PanelService: inject special key events back to the root window when
    a menu is opened
  * PanelService: use gdbus to notfy upstart of service start/stop
 -- Ubuntu daily release <email address hidden> Fri, 28 Nov 2014 12:56:28 +0000

Changed in unity (Ubuntu):
status: In Progress → Fix Released
Changed in unity:
status: In Progress → Fix Committed
Stephen M. Webb (bregma) wrote :

Attached debdiff between trusty-updates and SRU.

description: updated
information type: Private Security → Public Security
Chris J Arges (arges) wrote :

Accepted unity into trusty-proposed. The package will build now and be available at http://launchpad.net/ubuntu/+source/unity/7.2.4+14.04.20141217-0ubuntu1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in unity (Ubuntu Trusty):
status: New → Fix Committed
tags: added: verification-needed-trusty
tags: added: verification-done-trusty
removed: verification-needed-trusty

I've checked it two times and both times I couldn't interact with programs.

All the windows of programs except the Terminal dissapeard. The Terminal console of regural user displayed info about shutting down and no interaction was possible. The same happened when I had root console open it showed without window decorations very briefly (much less then 3 seconds) and I couldn't interact with it.

The third try and I didn't see any programs at all.

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package unity - 7.2.4+14.04.20141217-0ubuntu1

---------------
unity (7.2.4+14.04.20141217-0ubuntu1) trusty; urgency=medium

  [ Andrea Azzarone ]
  * Share lockscreen password between screens (lp: #1308540)
  * Allow a distinct pam config file for greeter and for lock-screen.
    (lp: #1305440)
  * Add an arrow activator in the lockscreen. (lp: #1332509)
  * Make sure GetScreenGeometry returns the correct value (lp: #1374785).
  * unmapped all windows prior to shutdown (lp: #1370017) (lp: #1375271)

  [ Brandon Schaefer ]
  * fix tooltip for the "Show Desktop / Restore Windows" icon in the Alt-Tab
    switcher (lp: #1237132)
  * Use CONFIG instead of CACHE to store the first_run.stamp (lp: #1328677)

  [ Eleni Maria Stea ]
  * LayoutSystem: make sure the exposed open windows are displayed in the
    preserved order (lp: #1349281).

  [ handsome_feng ]
  * added support for getting the distro name from /etc/os-release
    (lp: #1329584)

  [ Iain Lane ]
  * When grabbing keys, try prefixing "XF86" if the key isn't found. GNOME
    gives us unprefixed keys sometimes (lp: #1302885).

  [ Marco Trevisan (Treviño) ]
  * make the Launcher icon count badge width depend on the text value width
    and scaling (lp: #1353070) (lp: #1354498) (lp: #796527) (lp: #1066971)
    (lp: #1361713)
  * DecoratedWindow: make edges independent from borders and properly update
    them on actions change (lp: #1276177), (lp: #1299741), (lp: #1301776),
    (lp: #1324104), (lp: #1364225), (lp: #1373695)
  * Lockscreen: scale the UI elements based on current monitor scaling
    (lp: #1292218)
  * UnityScreen: when filtering out windows in spread, make sure we unscale
    them (lp: #1316265).
  * PanelMenuView: ensure that proper window tiles and buttons are shown at
    the right place (lp: #1384910) (lp: #1384958) (lp: #1385285)
  * SearchBar, ActionButtons, IconRenderer: include the font scaling when
    scaling textual items (lp: #1332947) (lp: #1361751) (lp: #1362162)
    (lp: #1362346).
  * ApplicationLauncherIcon: make sure we close the dash if DnD is accepted
    and the application window is about to be focused (lp: #1350331).
  * SwitcherView: set progress on icon render args (lp: #1361679).
  * LockScreenController: wait for the primary shield to get the grab
    before setting the session locked (lp: #1368427) (lp: #1371764).
  * added decorations to windows in non-focused workspaces (lp: #1383468)

  [ Stephen M. Webb ]
  * updated the unity(1) manpage to match the actual command (lp: #1059275)
  * bumped package version to match upstream

  [ Marco Trevisan (Treviño) ]
  * Preparing for unity 7.2.4
 -- Ubuntu daily release <email address hidden> Wed, 17 Dec 2014 20:52:10 +0000

Changed in unity (Ubuntu Trusty):
status: Fix Committed → Fix Released

The verification of the Stable Release Update for unity has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

Stephen M. Webb (bregma) on 2015-02-11
Changed in unity:
status: Fix Committed → Fix Released
Margarita Manterola (marga-9) wrote :

I'm still seeing this on an up-to-date Trusty instance.

$ apt-cache policy unity
unity:
  Installed: 7.2.4+14.04.20141217-0ubuntu1
  Candidate: 7.2.4+14.04.20141217-0ubuntu1

$ apt-cache policy compiz
compiz:
  Installed: 1:0.9.11.3+14.04.20150122-0ubuntu1
  Candidate: 1:0.9.11.3+14.04.20150122-0ubuntu1

The reproduction case is:
1) In a Unity environment, start a terminal
2) Lock the screen
3) From the lockscreen, restart the machine

Expected:
  No interaction is possible while the machine is shutting down.
Actual:
  It's possible to interact with the terminal for around 3 seconds.

The SRU instructions didn't include the "open terminal" step, it might be that that's why this was verified even if it's not actually fixed?

Margarita Manterola (marga-9) wrote :

This bug is still present in Trusty with the latest Unity version (7.2.5+14.04.20150521.1-0ubuntu1).

The verification instructions were wrong and this bug never actually got fixed.

Changed in unity (Ubuntu Trusty):
importance: Undecided → Medium
Changed in unity (Ubuntu):
importance: Medium → High
Changed in unity (Ubuntu Trusty):
importance: Medium → High
To post a comment you must log in.
This report contains Public Security information  Edit
Everyone can see this security related information.

Other bug subscribers