| 2016-09-25 04:53:43 |
Nitish |
bug |
|
|
added bug |
| 2016-09-25 05:15:20 |
Nitish |
description |
This issue seems to be a moderately serious security hole which can be used to get access to someone's machine.
The following are steps to reproduce it:
1. Click and drag the title bar of any window which is open, such that it goes into "move" mode
2. Put the machine to sleep using the shortcut keys (present on most laptops) while still clicking on the mouse.
3. Release the mouse key after the machine goes to sleep
4. Wake the machine up again
5. When the machine wakes up, the lock screen is circumvented and you directly end up with an unlocked PC, i.e., no lockscreen or greeter comes into the picture.
Expected outcome:
When the PC wakes up from sleep, the user must be prompted with a lockscreen/greeter.
Note: Lockscreen was enabled on the machine in which this issue was found.
OS info -
---------
Description: Ubuntu 16.04.1 LTS
Release: 16.04
App info -
----------
lightdm-gtk-greeter:
Installed: (none)
Candidate: 2.0.1-2ubuntu4
Version table:
2.0.1-2ubuntu4 500
500 http://archive.ubuntu.com/ubuntu xenial/universe amd64 Packages |
This issue seems to be a moderately serious security hole which can be used to get access to someone's machine.
The following are steps to reproduce it:
1. Click and drag the title bar of any window which is open, such that it goes into "move" mode
2. Put the machine to sleep using the shortcut keys (present on most laptops) while still clicking on the mouse.
3. Release the mouse key after the machine goes to sleep
4. Wake the machine up again
5. When the machine wakes up, the lock screen is circumvented and you directly end up with an unlocked PC, i.e., no lockscreen or greeter comes into the picture.
Expected outcome:
When the PC wakes up from sleep, the user must be prompted with a lockscreen/greeter.
Note: Lockscreen was enabled on the machine in which this issue was found.
OS info -
---------
Description: Ubuntu 16.04.1 LTS
Release: 16.04
App info -
----------
unity-greeter:
Installed: 16.04.2-0ubuntu1
Candidate: 16.04.2-0ubuntu1
Version table:
*** 16.04.2-0ubuntu1 500
500 http://archive.ubuntu.com/ubuntu xenial/main amd64 Packages
100 /var/lib/dpkg/status |
|
| 2016-09-25 05:16:45 |
Nitish |
affects |
lightdm-gtk-greeter (Ubuntu) |
unity-greeter (Ubuntu) |
|
| 2016-09-25 05:18:29 |
Nitish |
description |
This issue seems to be a moderately serious security hole which can be used to get access to someone's machine.
The following are steps to reproduce it:
1. Click and drag the title bar of any window which is open, such that it goes into "move" mode
2. Put the machine to sleep using the shortcut keys (present on most laptops) while still clicking on the mouse.
3. Release the mouse key after the machine goes to sleep
4. Wake the machine up again
5. When the machine wakes up, the lock screen is circumvented and you directly end up with an unlocked PC, i.e., no lockscreen or greeter comes into the picture.
Expected outcome:
When the PC wakes up from sleep, the user must be prompted with a lockscreen/greeter.
Note: Lockscreen was enabled on the machine in which this issue was found.
OS info -
---------
Description: Ubuntu 16.04.1 LTS
Release: 16.04
App info -
----------
unity-greeter:
Installed: 16.04.2-0ubuntu1
Candidate: 16.04.2-0ubuntu1
Version table:
*** 16.04.2-0ubuntu1 500
500 http://archive.ubuntu.com/ubuntu xenial/main amd64 Packages
100 /var/lib/dpkg/status |
This issue seems to be a moderately serious security hole which can be used to get access to someone's machine.
The following are steps to reproduce it:
1. Click and drag the title bar of any window which is open, such that it goes into "move" mode
2. Put the machine to sleep using the shortcut keys (present on most laptops) while still clicking on the mouse.
3. Release the mouse key after the machine goes to sleep
4. Wake the machine up again
5. When the machine wakes up, the lock screen is circumvented and you directly end up with an unlocked PC, i.e., no lockscreen or greeter comes into the picture.
Expected outcome:
When the PC wakes up from sleep, the user must be prompted with a lockscreen/greeter.
Note: Lockscreen was enabled on the machine in which this issue was found.
OS info:
--------
Description: Ubuntu 16.04.1 LTS
Release: 16.04
App info:
---------
unity-greeter:
Installed: 16.04.2-0ubuntu1
Candidate: 16.04.2-0ubuntu1
Version table:
*** 16.04.2-0ubuntu1 500
500 http://archive.ubuntu.com/ubuntu xenial/main amd64 Packages
100 /var/lib/dpkg/status
Display manager:
----------------
Lightdm
Lightdm configuration:
[SeatDefaults]
autologin-guest=false
autologin-user=
autologin-user-timeout=0
greeter-session=unity-greeter
autologin-session=lightdm-autologin
[SeatDefaults]
display-setup-script=/etc/lightdm/display-setup-script.sh |
|
| 2016-09-26 22:48:11 |
Emily Ratliff |
bug |
|
|
added subscriber Robert Ancell |
| 2016-09-28 16:56:46 |
Emily Ratliff |
affects |
unity-greeter (Ubuntu) |
unity (Ubuntu) |
|
| 2016-09-28 16:56:53 |
Emily Ratliff |
information type |
Private Security |
Public Security |
|
| 2016-10-06 11:58:34 |
Marc Deslauriers |
unity (Ubuntu): status |
New |
Triaged |
|
