dx-packages team mailing list archive
-
dx-packages team
-
Mailing list archive
-
Message #17855
[Bug 1342903] [NEW] unity retains focus on virtualbox session when locked
Public bug reported:
While using virtualbox in fullscreen mode, CTRL + ALT + L, leaves focus
with the virtual machine. However this still locks the host's unity
session. This leaves all key events trapped in the virtual machine, so
typing in your password becomes impossible. After a reboot all
functionality returned.
This could be a potential security hazard, depending on the virtual
machine being used, as it allows arbitrary commands to be executed
through a locked unity session without any authentication.
lsb_release -rd
Description: Ubuntu 14.04 LTS
Release: 14.04
apt-cache policy unity
unity:
Installed: 7.2.1+14.04.20140513-0ubuntu2
Candidate: 7.2.1+14.04.20140513-0ubuntu2
Version table:
*** 7.2.1+14.04.20140513-0ubuntu2 0
500 http://ca.archive.ubuntu.com/ubuntu/ trusty-updates/main amd64 Packages
100 /var/lib/dpkg/status
** Affects: unity (Ubuntu)
Importance: Undecided
Status: New
** Tags: lockscreen trusty unity virtualbox
** Information type changed from Private Security to Public
--
You received this bug notification because you are a member of DX
Packages, which is subscribed to unity in Ubuntu.
Matching subscriptions: dx-packages
https://bugs.launchpad.net/bugs/1342903
Title:
unity retains focus on virtualbox session when locked
Status in “unity” package in Ubuntu:
New
Bug description:
While using virtualbox in fullscreen mode, CTRL + ALT + L, leaves
focus with the virtual machine. However this still locks the host's
unity session. This leaves all key events trapped in the virtual
machine, so typing in your password becomes impossible. After a reboot
all functionality returned.
This could be a potential security hazard, depending on the virtual
machine being used, as it allows arbitrary commands to be executed
through a locked unity session without any authentication.
lsb_release -rd
Description: Ubuntu 14.04 LTS
Release: 14.04
apt-cache policy unity
unity:
Installed: 7.2.1+14.04.20140513-0ubuntu2
Candidate: 7.2.1+14.04.20140513-0ubuntu2
Version table:
*** 7.2.1+14.04.20140513-0ubuntu2 0
500 http://ca.archive.ubuntu.com/ubuntu/ trusty-updates/main amd64 Packages
100 /var/lib/dpkg/status
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/unity/+bug/1342903/+subscriptions
Follow ups
References