Unity Lockscreen shows unlocked desktop while shutting down
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| | Unity |
Fix Released
|
High
|
Andrea Azzarone | |
| | 7.2 |
Fix Released
|
High
|
Andrea Azzarone | |
| | unity (Ubuntu) |
High
|
Andrea Azzarone | ||
| | Trusty |
High
|
Unassigned | ||
Bug Description
[Impact and Test Case]
Steps to reproduce:
1 - Lock the screen
2 - From the lockscreen, tell the computer to shut down / restart
Expected behavior:
* Session programs are closed while the screen is still locked
* During shutdown, no user interaction is possible
Observed behavior:
* The lockscreen is gone immediately, with the rest of compiz (e.g. window decorations are not present)
* But it's possible to interact with programs that are still running in the session for about 3 seconds
Observed on an updated Trusty machine, running unity version 7.2.2+14.
I consider this bug a security vulnerability because during those 3 seconds it could be possible to access and interact with sensitive information. Yes, it's short, but you could take a picture or even rm -rf / if there happened to be a root console available.
[Regression Potential]
An improper implementation of the fix for this issue could result in an indefinite hang during system shutdown, or could result in the problem not being completely fixed and the security vulnerability continuing.
Neither appear to be the case.
[ Other Info ]
The Ubuntu 14.04 LTS SRU has been cherry-picked from upstream Unity where it has been in development-level production code in Ubuntu 'Vivid Vervet' development release for a few months and has not display additional problems.
Related branches
- PS Jenkins bot: Needs Fixing (continuous-integration) on 2014-10-22
- Marco Trevisan (Treviño): Approve on 2014-10-22
-
Diff: 903 lines (+587/-26)19 files modifiedUnityCore/GLibDBusProxy.cpp (+100/-3)
UnityCore/GLibDBusProxy.h (+6/-0)
UnityCore/GLibWrapper-inl.h (+12/-0)
UnityCore/GLibWrapper.h (+1/-0)
UnityCore/GnomeSessionManager.cpp (+0/-1)
lockscreen/CMakeLists.txt (+2/-0)
lockscreen/LockScreenController.cpp (+10/-1)
lockscreen/LockScreenController.h (+4/-1)
lockscreen/ShutdownNotifier.cpp (+152/-0)
lockscreen/ShutdownNotifier.h (+51/-0)
lockscreen/SuspendNotifier.cpp (+153/-0)
lockscreen/SuspendNotifier.h (+51/-0)
plugins/unityshell/src/unityshell.cpp (+1/-18)
unity-shared/PluginAdapter.cpp (+34/-0)
unity-shared/PluginAdapter.h (+3/-0)
unity-shared/StandaloneWindowManager.h (+2/-0)
unity-shared/UScreen.cpp (+2/-1)
unity-shared/UScreen.h (+0/-1)
unity-shared/WindowManager.h (+3/-0)
- Marco Trevisan (Treviño): Approve on 2014-12-17
-
Diff: 6023 lines (+2168/-709)105 files modifiedCMakeLists.txt (+1/-0)
UnityCore/DBusIndicators.cpp (+11/-0)
UnityCore/DBusIndicators.h (+1/-0)
UnityCore/DesktopUtilities.cpp (+12/-0)
UnityCore/DesktopUtilities.h (+1/-0)
UnityCore/GLibDBusProxy.cpp (+100/-3)
UnityCore/GLibDBusProxy.h (+6/-0)
UnityCore/GLibWrapper-inl.h (+12/-0)
UnityCore/GLibWrapper.h (+1/-0)
UnityCore/GnomeSessionManager.cpp (+0/-1)
UnityCore/Indicators.h (+1/-0)
dash/FilterBasicButton.cpp (+6/-3)
dash/previews/ActionButton.cpp (+5/-2)
dash/previews/ErrorPreview.cpp (+1/-0)
dash/previews/PaymentPreview.cpp (+3/-1)
data/CMakeLists.txt (+1/-0)
data/pam/CMakeLists.txt (+1/-0)
data/pam/unity (+2/-0)
debian/changelog (+59/-0)
debian/rules (+1/-1)
debian/unity.install (+1/-0)
debian/unity.migrations (+1/-0)
decorations/DecoratedWindow.cpp (+155/-64)
decorations/DecorationsEdgeBorders.cpp (+32/-19)
decorations/DecorationsForceQuitDialog.cpp (+17/-3)
decorations/DecorationsManager.cpp (+17/-26)
decorations/DecorationsPriv.h (+12/-3)
decorations/DecorationsTitle.cpp (+1/-0)
decorations/DecorationsWidgets.cpp (+13/-1)
decorations/DecorationsWidgets.h (+5/-0)
doc/unity.1 (+35/-10)
hud/HudIconTextureSource.cpp (+0/-5)
hud/HudIconTextureSource.h (+0/-1)
launcher/ApplicationLauncherIcon.cpp (+2/-0)
launcher/DesktopLauncherIcon.cpp (+13/-1)
launcher/DesktopLauncherIcon.h (+2/-0)
launcher/Launcher.cpp (+1/-3)
launcher/LauncherIcon.cpp (+117/-104)
launcher/LauncherIcon.h (+12/-8)
launcher/MockLauncherIcon.h (+0/-5)
launcher/SwitcherView.cpp (+9/-1)
launcher/Tooltip.cpp (+5/-4)
lockscreen/BackgroundSettings.cpp (+13/-11)
lockscreen/BackgroundSettings.h (+0/-1)
lockscreen/CMakeLists.txt (+2/-0)
lockscreen/CofView.cpp (+15/-2)
lockscreen/CofView.h (+3/-1)
lockscreen/LockScreenAbstractShield.h (+14/-1)
lockscreen/LockScreenController.cpp (+54/-14)
lockscreen/LockScreenController.h (+12/-3)
lockscreen/LockScreenPanel.cpp (+31/-2)
lockscreen/LockScreenSettings.cpp (+2/-0)
lockscreen/LockScreenSettings.h (+2/-1)
lockscreen/LockScreenShield.cpp (+60/-29)
lockscreen/LockScreenShield.h (+10/-3)
lockscreen/LockScreenShieldFactory.cpp (+7/-2)
lockscreen/LockScreenShieldFactory.h (+12/-2)
lockscreen/ShutdownNotifier.cpp (+152/-0)
lockscreen/ShutdownNotifier.h (+51/-0)
lockscreen/SuspendNotifier.cpp (+153/-0)
lockscreen/SuspendNotifier.h (+51/-0)
lockscreen/UserAuthenticatorPam.cpp (+1/-2)
lockscreen/UserPromptView.cpp (+96/-17)
lockscreen/UserPromptView.h (+5/-4)
panel/PanelIndicatorEntryView.cpp (+1/-1)
panel/PanelMenuView.cpp (+83/-38)
panel/PanelMenuView.h (+1/-1)
plugins/unityshell/src/unityshell.cpp (+29/-35)
plugins/unityshell/src/unityshell.h (+2/-2)
services/panel-main.c (+8/-0)
services/panel-service.c (+15/-0)
services/panel-service.h (+2/-0)
tests/CMakeLists.txt (+1/-1)
tests/mock_indicators.h (+1/-0)
tests/test_lockscreen_controller.cpp (+10/-2)
tests/test_main_xless.cpp (+4/-5)
tests/test_previews_music_payment.cpp (+1/-0)
tests/test_text_input.cpp (+1/-0)
tools/migration-scripts/03_unity_first_run_stamp_move (+35/-0)
unity-shared/CompizUtils.cpp (+77/-58)
unity-shared/CompizUtils.h (+36/-5)
unity-shared/DashStyle.cpp (+8/-11)
unity-shared/DecorationStyle.cpp (+2/-2)
unity-shared/GnomeKeyGrabber.cpp (+9/-0)
unity-shared/IconRenderer.cpp (+73/-43)
unity-shared/IconRenderer.h (+0/-2)
unity-shared/IconTexture.cpp (+1/-1)
unity-shared/IconTextureSource.cpp (+37/-1)
unity-shared/IconTextureSource.h (+10/-4)
unity-shared/LayoutSystem.cpp (+28/-4)
unity-shared/LayoutSystem.h (+2/-1)
unity-shared/PluginAdapter.cpp (+39/-2)
unity-shared/PluginAdapter.h (+3/-0)
unity-shared/SearchBar.cpp (+18/-12)
unity-shared/SearchBar.h (+9/-9)
unity-shared/SearchBarSpinner.h (+0/-2)
unity-shared/SpreadFilter.cpp (+3/-1)
unity-shared/StandaloneWindowManager.h (+2/-0)
unity-shared/TextInput.cpp (+138/-76)
unity-shared/TextInput.h (+17/-19)
unity-shared/UScreen.cpp (+26/-4)
unity-shared/UScreen.h (+0/-1)
unity-shared/UnitySettings.cpp (+9/-1)
unity-shared/WindowManager.h (+5/-0)
unity-shared/XWindowManager.cpp (+1/-1)
| description: | updated |
| description: | updated |
| Changed in unity (Ubuntu): | |
| status: | Confirmed → Triaged |
| tags: | added: lockscreen |
| Changed in unity: | |
| status: | New → Triaged |
| Marco Trevisan (Treviño) (3v1n0) wrote : | #2 |
Controlling the shutdown order is not that easy unfortunately, probably moving to upstart would help to fix it.
| Changed in unity: | |
| importance: | Undecided → Medium |
| Changed in unity (Ubuntu): | |
| importance: | Undecided → High |
| importance: | High → Medium |
| Changed in unity: | |
| assignee: | nobody → Andrea Azzarone (andyrock) |
| milestone: | none → 7.3.1 |
| Changed in unity (Ubuntu): | |
| assignee: | nobody → Andrea Azzarone (andyrock) |
| Changed in unity: | |
| importance: | Medium → High |
| status: | Triaged → In Progress |
| Changed in unity (Ubuntu): | |
| status: | Triaged → In Progress |
| Launchpad Janitor (janitor) wrote : | #3 |
This bug was fixed in the package unity - 7.3.1+15.
---------------
unity (7.3.1+
[ Andrea Azzarone ]
* Unmap all windows during shutdown. (LP: #1370017, #1375271)
* Make sure GetScreenGeometry returns the correct value. (LP:
#1374785)
[ Marco Trevisan (Treviño) ]
* Decorated Window: still paint decorations if on transformated
windows in different workspaces (LP: #1383468)
* DecoratedWindow: make sure we always set a _NET_FRAME_EXTENTS for
windows that requested it
* UnityScreen: when filtering out windows in spread, make sure we
unscale them (LP: #1316265)
* PanelMenuView: ensure that proper window tiles and buttons are shown
at the right place (LP: #1384958, #1384910, #1385285)
* PanelService: inject special key events back to the root window when
a menu is opened
* PanelService: use gdbus to notfy upstart of service start/stop
-- Ubuntu daily release <email address hidden> Fri, 28 Nov 2014 12:56:28 +0000
| Changed in unity (Ubuntu): | |
| status: | In Progress → Fix Released |
| Changed in unity: | |
| status: | In Progress → Fix Committed |
| Stephen M. Webb (bregma) wrote : | #4 |
Attached debdiff between trusty-updates and SRU.
| description: | updated |
| information type: | Private Security → Public Security |
| Chris J Arges (arges) wrote : | #5 |
Accepted unity into trusty-proposed. The package will build now and be available at http://
Please help us by testing this new package. See https:/
If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-
Further information regarding the verification process can be found at https:/
| Changed in unity (Ubuntu Trusty): | |
| status: | New → Fix Committed |
| tags: | added: verification-needed-trusty |
| tags: |
added: verification-done-trusty removed: verification-needed-trusty |
I've checked it two times and both times I couldn't interact with programs.
All the windows of programs except the Terminal dissapeard. The Terminal console of regural user displayed info about shutting down and no interaction was possible. The same happened when I had root console open it showed without window decorations very briefly (much less then 3 seconds) and I couldn't interact with it.
The third try and I didn't see any programs at all.
| Launchpad Janitor (janitor) wrote : | #7 |
This bug was fixed in the package unity - 7.2.4+14.
---------------
unity (7.2.4+
[ Andrea Azzarone ]
* Share lockscreen password between screens (lp: #1308540)
* Allow a distinct pam config file for greeter and for lock-screen.
(lp: #1305440)
* Add an arrow activator in the lockscreen. (lp: #1332509)
* Make sure GetScreenGeometry returns the correct value (lp: #1374785).
* unmapped all windows prior to shutdown (lp: #1370017) (lp: #1375271)
[ Brandon Schaefer ]
* fix tooltip for the "Show Desktop / Restore Windows" icon in the Alt-Tab
switcher (lp: #1237132)
* Use CONFIG instead of CACHE to store the first_run.stamp (lp: #1328677)
[ Eleni Maria Stea ]
* LayoutSystem: make sure the exposed open windows are displayed in the
preserved order (lp: #1349281).
[ handsome_feng ]
* added support for getting the distro name from /etc/os-release
(lp: #1329584)
[ Iain Lane ]
* When grabbing keys, try prefixing "XF86" if the key isn't found. GNOME
gives us unprefixed keys sometimes (lp: #1302885).
[ Marco Trevisan (Treviño) ]
* make the Launcher icon count badge width depend on the text value width
and scaling (lp: #1353070) (lp: #1354498) (lp: #796527) (lp: #1066971)
(lp: #1361713)
* DecoratedWindow: make edges independent from borders and properly update
them on actions change (lp: #1276177), (lp: #1299741), (lp: #1301776),
(lp: #1324104), (lp: #1364225), (lp: #1373695)
* Lockscreen: scale the UI elements based on current monitor scaling
(lp: #1292218)
* UnityScreen: when filtering out windows in spread, make sure we unscale
them (lp: #1316265).
* PanelMenuView: ensure that proper window tiles and buttons are shown at
the right place (lp: #1384910) (lp: #1384958) (lp: #1385285)
* SearchBar, ActionButtons, IconRenderer: include the font scaling when
scaling textual items (lp: #1332947) (lp: #1361751) (lp: #1362162)
(lp: #1362346).
* ApplicationLaun
and the application window is about to be focused (lp: #1350331).
* SwitcherView: set progress on icon render args (lp: #1361679).
* LockScreenContr
before setting the session locked (lp: #1368427) (lp: #1371764).
* added decorations to windows in non-focused workspaces (lp: #1383468)
[ Stephen M. Webb ]
* updated the unity(1) manpage to match the actual command (lp: #1059275)
* bumped package version to match upstream
[ Marco Trevisan (Treviño) ]
* Preparing for unity 7.2.4
-- Ubuntu daily release <email address hidden> Wed, 17 Dec 2014 20:52:10 +0000
| Changed in unity (Ubuntu Trusty): | |
| status: | Fix Committed → Fix Released |
| Chris J Arges (arges) wrote : Update Released | #8 |
The verification of the Stable Release Update for unity has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.
| Changed in unity: | |
| status: | Fix Committed → Fix Released |
| Margarita Manterola (marga-9) wrote : | #9 |
I'm still seeing this on an up-to-date Trusty instance.
$ apt-cache policy unity
unity:
Installed: 7.2.4+14.
Candidate: 7.2.4+14.
$ apt-cache policy compiz
compiz:
Installed: 1:0.9.11.
Candidate: 1:0.9.11.
The reproduction case is:
1) In a Unity environment, start a terminal
2) Lock the screen
3) From the lockscreen, restart the machine
Expected:
No interaction is possible while the machine is shutting down.
Actual:
It's possible to interact with the terminal for around 3 seconds.
The SRU instructions didn't include the "open terminal" step, it might be that that's why this was verified even if it's not actually fixed?
| Margarita Manterola (marga-9) wrote : | #10 |
This bug is still present in Trusty with the latest Unity version (7.2.5+
The verification instructions were wrong and this bug never actually got fixed.
| Changed in unity (Ubuntu Trusty): | |
| importance: | Undecided → Medium |
| Changed in unity (Ubuntu): | |
| importance: | Medium → High |
| Changed in unity (Ubuntu Trusty): | |
| importance: | Medium → High |
Status changed to 'Confirmed' because the bug affects multiple users.