Keep the screen locked if autologin or nopasswdlogin is enabled

Bug #1600389 reported by Humphrey van Polanen Petel
This bug affects 3 people
Affects | Status | Importance | Assigned to | Milestone
unity (Ubuntu) | Fix Released | Medium | Andrea Azzarone |
Nominated for Xenial by Marco Trevisan (Treviño)
Xenial | Fix Released | Undecided | Unassigned |

Bug Description

[Impact]
After <Super>-L the screen is 'locked' and a password is required to resume operating.
However, restarting the computer will present an 'open' system again.
As a consequence, the computer cannot be protected against unauthorized access by this method.

[Test Case]
1. Activate autologin.
2. Lock the screen.
3. Reboot the system (you need to select 'Switch Account...' from the session menu first)
4. After reboot make sure the screen is still locked.

[Regression Potential]
None.

ProblemType: Bug
DistroRelease: Ubuntu 14.04
Package: unity 7.2.6+14.04.20151021-0ubuntu1
ProcVersionSignature: Ubuntu 3.16.0-76.98~14.04.1-generic 3.16.7-ckt27
Uname: Linux 3.16.0-76-generic x86_64
ApportVersion: 2.14.1-0ubuntu3.21
Architecture: amd64
CompizPlugins: No value set for `/apps/compiz-1/general/screen0/options/active_plugins'
CurrentDesktop: Unity
Date: Sat Jul 9 08:44:39 2016
InstallationDate: Installed on 2015-09-08 (304 days ago)
InstallationMedia: Ubuntu 14.04.2 LTS "Trusty Tahr" - Release amd64 (20150218.1)
SourcePackage: unity
UpgradeStatus: No upgrade log present (probably fresh install)

Seth Arnold (seth-arnold) wrote :

Could you open the system settings, user panel, and see if the "automatic login" setting is enabled for your user? (It isn't for my user, I must log in every time I reboot my machine.)

Thanks

information type: Private Security → Public Security
Changed in unity (Ubuntu):
status: New → Incomplete
Seth Arnold (seth-arnold) wrote :

I suppose I should add another caution that regardless of the setting of the "automatic login" setting on user accounts, it's possible that anyone that can interact with the computer during early boot can use e.g. "init=/bin/sh" at the kernel command line to boot into an environment without any passwords, which can then be used to change nearly everything on the system.

If you wish to keep your data private, a simple screen lock and login passwords are not sufficient; full disk encryption or per-user encrypted mounts (eCryptfs) are required.

Thanks

Humphrey van Polanen Petel (hpvpp) wrote :

My system is set for "automatic login".

I recognize that the system is vulnerable at boot.

However, I submit
that the lock screen insinuates that the system has been secured against unauthorized access and
that the average user has the tendency to trust what the system tells it so that
therefore
the lock screen utility *must* be improved.

I suggest to let the lock screen utility disable automatic login (and set a flag to restore the previous setting).

Andrea Azzarone (azzar1) wrote :

"automatic login" is not enabled by default, marking as opinion.

Changed in unity (Ubuntu):
status: Incomplete → Opinion
importance: Undecided → Wishlist
Andrea Azzarone (azzar1)
Changed in unity (Ubuntu):
status: Opinion → In Progress
importance: Wishlist → Low
importance: Low → Medium
tags: added: destkop-trello-import
Changed in unity (Ubuntu):
assignee: nobody → Andrea Azzarone (azzar1)
tags: added: desktop-trello-import
removed: destkop-trello-import
Andrea Azzarone (azzar1) wrote : Automatically added comment
tags: removed: desktop-trello-import
Andrea Azzarone (azzar1)
summary: - lock screen is not safe
+ Keep the screen locked if autlogin is enabled
summary: - Keep the screen locked if autlogin is enabled
+ Keep the screen locked if autologin is enabled
Andrea Azzarone (azzar1)
summary: - Keep the screen locked if autologin is enabled
+ Keep the screen locked if autologin or nopasswdlogin is enabled
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package unity - 7.5.0+17.04.20170109-0ubuntu1

---------------
unity (7.5.0+17.04.20170109-0ubuntu1) zesty; urgency=medium

  [ Andrea Azzarone ]
  * Round gtk scaling factor to closest integer. (LP: #1649736)
  * Keep the screen locked if rebooting with autologin. (LP: #1600389)

  [ Eleni Maria Stea ]
  * shouldn't create blur rectangles when there's no blur, skips the
    blur rects processing in low gfx.

 -- Marco Trevisan (Treviño) <mail@3v1n0.net> Mon, 09 Jan 2017 15:10:02 +0000

Changed in unity (Ubuntu):
status: In Progress → Fix Released
Andrea Azzarone (azzar1)
description: updated
Brian Murray (brian-murray) wrote : Please test proposed package

Hello Humphrey, or anyone else affected,

Accepted unity into xenial-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/unity/7.4.5+16.04.20171116 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-xenial to verification-done-xenial. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-xenial. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in unity (Ubuntu Xenial):
status: New → Fix Committed
tags: added: verification-needed verification-needed-xenial
Łukasz Zemczak (sil2100) wrote :

Hello Humphrey, or anyone else affected,

Accepted unity into xenial-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/unity/7.4.5+16.04.20171201.3 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-xenial to verification-done-xenial. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-xenial. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Humphrey van Polanen Petel (hpvpp) wrote :

Sorry for not responding earlier.

tests run after locking screen
1 - suspend
2 - switch session, shutdown, restart
3 - switch to guest account, shutdown, restart
4 - disconnected power

in all cases the system came up with the screen locked

if these were all options then the patch has solved the problem
if I missed something then please reopen and tell me what to test

tags: added: verification-done-xenial
removed: verification-needed-xenial
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package unity - 7.4.5+16.04.20171201.3

---------------
unity (7.4.5+16.04.20171201.3) xenial; urgency=medium

  [ Marco Trevisan (Treviño) ]
  * InputMonitor: add an unity class that monitors XInput2 events and
    converts them to XEvent
  * EdgeBarrierController: use InputMonitor to get the barrier events
    instead of relying on its implementation
  * DecorationsMenuLayout: use input monitor for menu scrubbing (LP:
    #1614597)
  * PanelView: use InputMonitor to track menu events
  * LockScreenPanel: use InputMonitor events instead of mouse polling
    for menu scrubbing
  * MenuManager: add support for mouse trackers with triangle algorithm
    support (LP: #1618405)
  * PanelView: scale gradient refinement properly
  * PanelService: don't allow to deactivate menus if they've been opened
    too shortly
  * LockScreenController: ignore icon_paths_changed signal in
    menumanager for Lockscreen
  * LockScreenController: use InputMonitor to get all the events and
    hide the Blank Window (LP: #1321075)
  * LockScreenController: use input monitor to get the events to switch
    monitor (LP: #1316862)
  * LauncherOptions: use track_obj to manage option changes (LP:
    #1622995)
  * UnityScreen: toggle gestures recognition on lock (LP: #1645507)
  * GnomeSessionManager: add gcancellable to instance and use it for
    calls with temporary proxies
  * BackgroundSettings: use gnome-bg to generate textures with proper
    scaling (LP: #1666359)
  * UnityWindow: safely check validity of UnityWindow from scaled one
    (LP: #1659847)
  * Panel: ensure the menu-manager tracker is updated to match monitor
    (LP: #1671432)
  * compiz-profile-setter: tool to update the current profile and use in
    systemd and Unity settings (LP: #1668950)
  * BGHash, UnityScreen: get desktop averageColor from compiz
  * Launcher: disable or reduce most icon effects on lowgfx (LP:
    #1700859)
  * PanelController: ensure we disconnect from signals on destruction
    (LP: #1504870)
  * tools: add migration script to set the default values for unity-
    lowgfx profile

  [ Andrea Azzarone ]
  * Properly handle the file manager copy dialog in
    FileManagerLauncherIcon and in StorageLauncherIcon. (LP: #1575452,
    LP: #1609845)
  * Correctly position the force quit dialog when scaling is different
    than 1.0 (LP: #1637991)
  * GnomeSession: Retrieve the session id using dbus if $XDG_SESSION_ID
    is not set
  * Round gtk scaling factor to closest integer. (LP: #1649736)
  * Keep the screen locked if rebooting with autologin. (LP: #1600389)
  * Use g_mkdir_with_parents instead of mkdir.
  * Lockscreen: always draw the background-color in the lockscreen (LP:
    #1702701)
  * Refactor the way UserAuthenticator is created and passed around.
    Handle failures to create new threads and fallback to a "Switch to
    greeter..." button in case of failure. (LP: #1311316)
  * Wait until the color buffer is cleared before suspending. (LP:
    #1532508)

  [ Kai-Heng Feng ]
  * UnitySettings: If scale-factor is not set, find and set right scale
    for HiDPI displays.

  [ Eleni Maria Stea ]
  * shouldn't create blur rectangles when there's ...


Changed in unity (Ubuntu Xenial):
status: Fix Committed → Fix Released
Steve Langasek (vorlon) wrote : Update Released

The verification of the Stable Release Update for unity has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.
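
An added example, not part of the bug report or the unity source: a Python audit that lists the accounts able to reach a desktop session without a password, the two conditions named in this bug's title. It assumes LightDM is the display manager (the report does not say), that `autologin-user` sits in `[Seat:*]` or legacy `[SeatDefaults]` sections with later files overriding earlier ones, and that `nopasswdlogin` is an /etc/group entry; the sample inputs are constructed.

```python
import configparser

# Constructed sample inputs (not taken from the bug report), in the order
# LightDM is assumed to read them: conf.d snippets first, lightdm.conf last.
SAMPLE_LIGHTDM_CONFS = [
    ("/etc/lightdm/lightdm.conf.d/50-base.conf", "[Seat:*]\nuser-session=ubuntu\n"),
    ("/etc/lightdm/lightdm.conf", "[Seat:*]\nautologin-user=alice\n"),
]
SAMPLE_GROUP = "root:x:0:\nsudo:x:27:alice\nnopasswdlogin:x:125:bob,carol\n"

def autologin_user(confs):
    """Return the effective autologin-user or None; later files override earlier ones."""
    user = None
    for _path, text in confs:
        cp = configparser.ConfigParser(strict=False, interpolation=None)
        try:
            cp.read_string(text)
        except configparser.Error:
            continue  # unparsable file: skip it rather than abort the audit
        for section in cp.sections():
            # [SeatDefaults] is the legacy spelling of [Seat:*]
            if section == "SeatDefaults" or section.startswith("Seat:"):
                if cp.has_option(section, "autologin-user"):
                    # an empty value in a later file clears an earlier setting
                    user = cp.get(section, "autologin-user").strip() or None
    return user

def nopasswd_users(group_text, group="nopasswdlogin"):
    """Return the sorted members of the given group from /etc/group text."""
    for line in group_text.splitlines():
        fields = line.strip().split(":")
        if len(fields) == 4 and fields[0] == group:
            return sorted(u for u in fields[3].split(",") if u)
    return []

def passwordless_accounts(confs, group_text):
    """Map each account that gets a session without a password to the reason(s)."""
    found = {}
    user = autologin_user(confs)
    if user:
        found.setdefault(user, []).append("autologin")
    for member in nopasswd_users(group_text):
        found.setdefault(member, []).append("nopasswdlogin")
    return found

if __name__ == "__main__":
    report = passwordless_accounts(SAMPLE_LIGHTDM_CONFS, SAMPLE_GROUP)
    for account, reasons in sorted(report.items()):
        print(f"{account}: {', '.join(reasons)}")
```

For any account this reports, whether a locked screen stays locked across a reboot depends on the installed unity package being at or above the fixed versions named in the comments above (7.5.0+17.04.20170109-0ubuntu1, or 7.4.5+16.04.20171201.3 on Xenial).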

This report contains Public Security information  
Everyone can see this security related information.
