pinlock snap decision potentially allows malicious app to gain access to user PIN and Passcode
Bug #1306769 reported by Antti Kaijanmäki
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone |
|---|---|---|---|---|
| unity-notifications | Expired | Medium | Unassigned | |
| unity8 (Ubuntu) | Expired | High | Unassigned | |
Bug Description
Currently the pinlock dialog is implemented as a snapdecision, and thus any application that is allowed to use the notifications can potentially trick the user into providing his PIN code or Passcode to the application by invoking the pinlock dialog.
As we want to allow applications to send normal notifications and snapdecisions, we can't just block the whole notify service from them, but we also don't have any means to block just one of them.
Thus the only solution is to remove the pinlock from snap decisions completely and implement a standalone dbus service for the pinlock dialog which can be properly confined.
Changed in unity8:
status: New → Triaged
importance: Undecided → Critical
importance: Critical → Medium
Changed in unity-notifications:
status: New → Triaged
importance: Undecided → Medium
Changed in unity8:
assignee: nobody → Mirco Müller (macslow)
Changed in unity-notifications:
assignee: nobody → Mirco Müller (macslow)
information type: Private Security → Public Security
Changed in unity8 (Ubuntu):
assignee: nobody → Mirco Müller (macslow)
importance: Undecided → Medium
status: New → Triaged
no longer affects: unity8
Changed in unity8 (Ubuntu):
assignee: Mirco Müller (macslow) → nobody
Changed in unity-notifications:
assignee: Antti Kaijanmäki (kaijanmaki) → nobody
I suggest we do it right this time and have a dedicated service for all security-sensitive dialogs that were wrongly stuffed into notifications. The password-querying notifications should be put in this new service too.