[regression] lock screen bypass with touchpad
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Unity |
Fix Released
|
Critical
|
Andrea Azzarone | ||
7.2 |
Fix Released
|
Critical
|
Andrea Azzarone | ||
unity (Ubuntu) |
Fix Released
|
Critical
|
Andrea Azzarone | ||
Trusty |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
[Inpact]
Using 3/4-fingers gestures in touchpads when unity is locked might make the switcher or the dash to show up
[Test case]
1) Lock the unity screen with Super+L
2) Use the [1] three fingers gesture to show the switcher or the four fingers tap to
show the dash
3) Nothing should be shown.
[Regression Potential]
There's basically no regression potential. Geistures are just disabled when the screen is locked.
[1] https:/
-----
László Gyaraki has reported a lock screen bypass using the touchpad; his video appears to use three-finger or four-finger use of his touchpad in conjunction with some gestures to bring up windows from the locked session.
His demonstration video can be found here: http://
Thanks
Related branches
- Marco Trevisan (Treviño): Approve
- PS Jenkins bot (community): Approve (continuous-integration)
-
Diff: 123 lines (+57/-1)5 files modifiedplugins/unityshell/src/GesturalWindowSwitcher.cpp (+3/-0)
plugins/unityshell/src/GesturalWindowSwitcher.h (+1/-0)
tests/test-gestures/LockScreenControllerMock.h (+43/-0)
tests/test-gestures/sed_script_switcher (+2/-0)
tests/test-gestures/unityshell_mock.h (+8/-1)
- Marco Trevisan (Treviño): Approve
-
Diff: 3472 lines (+1152/-478)54 files modifiedUnityCore/GnomeSessionManager.cpp (+32/-0)
UnityCore/GnomeSessionManagerImpl.h (+4/-0)
UnityCore/SessionManager.h (+4/-0)
dash/DashController.cpp (+3/-1)
debian/changelog (+59/-0)
hud/HudController.cpp (+1/-0)
launcher/AbstractLauncherIcon.h (+3/-2)
launcher/ApplicationLauncherIcon.cpp (+20/-19)
launcher/ApplicationLauncherIcon.h (+0/-1)
launcher/Launcher.cpp (+26/-10)
launcher/LauncherIcon.cpp (+7/-3)
launcher/LauncherIcon.h (+2/-1)
launcher/SwitcherView.cpp (+54/-31)
launcher/SwitcherView.h (+3/-4)
launcher/TrashLauncherIcon.cpp (+1/-0)
launcher/VolumeLauncherIcon.cpp (+1/-0)
lockscreen/LockScreenAbstractShield.h (+0/-1)
lockscreen/LockScreenController.cpp (+2/-3)
lockscreen/LockScreenShield.cpp (+0/-6)
lockscreen/LockScreenShield.h (+0/-1)
lockscreen/UserPromptView.cpp (+8/-99)
lockscreen/UserPromptView.h (+1/-13)
panel/PanelIndicatorEntryView.cpp (+7/-0)
plugins/unityshell/src/GesturalWindowSwitcher.cpp (+3/-0)
plugins/unityshell/src/GesturalWindowSwitcher.h (+1/-0)
plugins/unityshell/src/unityshell.cpp (+57/-50)
plugins/unityshell/src/unityshell.h (+2/-0)
po/POTFILES.in (+1/-0)
po/unity.pot (+70/-3)
shortcuts/ShortcutController.cpp (+4/-6)
shortcuts/ShortcutView.cpp (+113/-48)
shortcuts/ShortcutView.h (+9/-3)
shutdown/SessionButton.cpp (+30/-5)
shutdown/SessionButton.h (+5/-0)
shutdown/SessionController.cpp (+2/-0)
shutdown/SessionView.cpp (+68/-27)
shutdown/SessionView.h (+5/-0)
tests/test-gestures/LockScreenControllerMock.h (+43/-0)
tests/test-gestures/sed_script_switcher (+2/-0)
tests/test-gestures/unityshell_mock.h (+8/-1)
tests/test_lockscreen_controller.cpp (+0/-1)
tests/test_switcher_view.cpp (+1/-2)
tests/test_unity_window_view.cpp (+9/-9)
unity-shared/EMConverter.cpp (+2/-2)
unity-shared/IMTextEntry.cpp (+7/-0)
unity-shared/IMTextEntry.h (+2/-0)
unity-shared/PluginAdapter.cpp (+43/-10)
unity-shared/RawPixel.cpp (+1/-1)
unity-shared/TextInput.cpp (+178/-4)
unity-shared/TextInput.h (+19/-4)
unity-shared/UnityWindowStyle.cpp (+135/-62)
unity-shared/UnityWindowStyle.h (+35/-20)
unity-shared/UnityWindowView.cpp (+53/-25)
unity-shared/UnityWindowView.h (+6/-0)
- Unity Team: Pending requested
-
Diff: 1674 lines (+1380/-30) (has conflicts)7 files modifiedCMakeLists.txt (+5/-0)
ChangeLog (+1162/-0)
debian/changelog (+77/-26)
debian/control (+1/-1)
po/unity.pot (+70/-3)
shutdown/SessionView.cpp (+55/-0)
shutdown/SessionView.h (+10/-0)
tags: | added: lockscreen |
Changed in unity: | |
importance: | Undecided → Critical |
assignee: | nobody → Andrea Azzarone (andyrock) |
Changed in unity (Ubuntu): | |
assignee: | nobody → Andrea Azzarone (andyrock) |
summary: |
- lock screen bypass with touchpad + [regression] lock screen bypass with touchpad |
Changed in unity: | |
status: | New → In Progress |
Changed in unity (Ubuntu): | |
status: | New → In Progress |
Changed in unity: | |
milestone: | none → 7.2.1 |
Changed in unity (Ubuntu): | |
importance: | Undecided → Critical |
Changed in unity: | |
milestone: | 7.2.1 → 7.2.2 |
Changed in unity: | |
status: | In Progress → Fix Committed |
milestone: | 7.2.2 → 7.3.0 |
Changed in unity: | |
status: | Fix Committed → Fix Released |
description: | updated |
tags: |
added: verification-done removed: verification-needed |
I'm having trouble downloading this video, could you, to make triagers' lives easier, textually describe the actions the video's author takes?