lock screen bypass with ctrl+alt+t
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
| Unity |
Fix Released
|
Critical
|
Marco Trevisan (Treviño) | |
| unity (Ubuntu) |
Critical
|
Unassigned | ||
| Trusty |
Critical
|
Marco Trevisan (Treviño) | ||
| Utopic |
Critical
|
Unassigned |
Bug Description
I can still bypass the logscreen by rightclicking the indicators some times and then pressing CTRL+ALT+t.
I lock the screen with CTRL+ALT+L.
Then i rightclick on the indicators ( volume, calendar, shutdown) a few times. I have not yet figured out if one of them is the cause... But pressing CTRL+ALT+T shortly after some of those events will open a terminal that i can type into and that will execute commands.
Related branches
- Brandon Schaefer (community): Approve on 2014-04-29
-
Diff: 75 lines (+27/-10)3 files modifiedlockscreen/LockScreenPanel.cpp (+7/-0)
lockscreen/LockScreenShield.cpp (+1/-0)
services/panel-service.c (+19/-10)
information type: | Private Security → Public Security |
Marc Deslauriers (mdeslaur) wrote : | #2 |
Yes, we've managed to reproduce this, and are working on a fix. Thanks.
Changed in unity (Ubuntu Trusty): | |
status: | New → Confirmed |
importance: | Undecided → Critical |
Changed in unity (Ubuntu Utopic): | |
importance: | Undecided → Critical |
Changed in unity (Ubuntu Trusty): | |
assignee: | nobody → Marco Trevisan (Treviño) (3v1n0) |
Changed in unity: | |
status: | New → In Progress |
assignee: | nobody → Marco Trevisan (Treviño) (3v1n0) |
importance: | Undecided → Critical |
milestone: | none → 7.2.1 |
Changed in unity (Ubuntu Trusty): | |
status: | Confirmed → In Progress |
Marc Deslauriers (mdeslaur) wrote : | #3 |
Here's a quick status update:
We've been testing some updates to correct this issue, and they solve the problem. While testing, the original bug reporter discovered a regression in the shut down dialogue, which we will address before releasing an update.
Thank you for your patience.
Launchpad Janitor (janitor) wrote : | #4 |
This bug was fixed in the package unity - 7.2.0+14.
---------------
unity (7.2.0+
* SECURITY UPDATE: more lock screen bypass issues, and regression with
shutdown dialog (LP: #1314247)
- debian/
lockscree
services/
lockscree
tests/
-- Marc Deslauriers <email address hidden> Wed, 30 Apr 2014 11:11:18 -0400
Changed in unity (Ubuntu Trusty): | |
status: | In Progress → Fix Released |
Changed in unity (Ubuntu Utopic): | |
status: | Confirmed → Fix Released |
Changed in unity: | |
status: | In Progress → Fix Committed |
Changed in unity: | |
status: | Fix Committed → Fix Released |
Status changed to 'Confirmed' because the bug affects multiple users.