dx-packages team mailing list archive
Message #28059
[Bug 1416897] [NEW] static image of desktop and windows displayed instead of lockscreen
*** This bug is a security vulnerability ***
Public security bug reported:
This is a follow-on from bug 1375271
( https://bugs.launchpad.net/ubuntu/+source/unity/+bug/1375271 ), though
it may actually implicate a different underlying problem.
.
Expectation --
Given any one of the following actions:
- (from active desktop session) choosing "lock" from the Unity Panel power menu;
- (from locked session with screen turned off): using mouse movement, keystrokes, etc. to poke the screen awake; or
- (from suspend) initiating a resume,
...the expected result is to display an interactive lockscreen where the
active user's password can be entered to access the session. On this
particular machine, which is a touch hybrid, the lockscreen also
includes the Onboard soft keyboard.
.
Observed behavior --
Instead of the lockscreen, each of these actions triggers the machine to
display an image of the desktop/window session as it had been near the
time of the lock or suspend. The cursor is visible and can be moved.
The Unity Panel and Launcher usually appear as normal, although
sometimes they are missing.
Nothing happens when the user attempts to interact with the visible
session by mouse or keyboard input. Keyboard input will actually be fed
to the lockscreen's password entry window, however. So blindly typing
the password from the zombie GUI session image -- and then pressing
"enter" -- will bring up an active, working session.
TTY session logins are available by the keyboard shortcuts
ctrl-alt-F[number]. After pulling up one of these login screens (without
actually logging in), then returning with ctrl-alt-F7, the lockscreen
appears as expected.
.
Regression timeframe:
I believe this behavior began sometime during January 2015.
.
Replication:
This unexpected behavior takes place almost every time one of the listed
actions is taken. During one period of testing on 2015-01-31, the bug
disappeared for a few rounds of lock and unlock. However, it re-appeared
shortly thereafter (I believe after the next restart or suspend-resume).
.
Video attachment:
A 1-minute video (.webm, no audio) is attached showing one form of this
bug (simple lock-unlock). The main feed was taken from a smartphone,
but the video also includes an inset of what SimpleScreenRecorder (SSR)
"saw" during the process.
On "lock", the actual screen became fully black. SSR, by contrast, recorded a black screen that included a clock in the top-right.
On mouse movement, the actual screen displayed the static image of the GUI/desktop session. SSR, by contrast, recorded a delayed but normal lockscreen appearing.
.
Security tag reasoning:
This bug displays a snapshot of recent screen contents from a user's
GUI session even when the user has (actively or indirectly) locked the
session. It also prevents a user from turning on the screen to command
a user switch, go into TTY, etc. without displaying an image of her
private GUI session.
.
Current graphics-related system info:
OEM: HP Envy x360 15t (convertible hybrid notebook)
CPU/GPU: Intel(R) Core(TM) i7-4510U CPU @ 2.00GHz | Intel HD Graphics 4400
OpenGL Core Profile version: 3.3 Mesa 10.5.0-devel
OpenGL Extensions version: 3.0 Mesa 10.5.0-devel
OS: Ubuntu 14.10 64-bit
Kernel: 3.16.0-29 generic
X Server: xorg-server 2:1.16.1.901-1ubuntu1~utopic1
pixman version: 0.32.4
Please let me know if there is further config information that would be
helpful.
.
Upstream testing:
This is a production machine. I am willing to test pre-release packages
provided the testing configurations are easy to revert (such as upstream
kernels). I have been burned in the past with broken package systems
and protracted config repairs after testing experimental graphics and
video driver software. But I would still be willing to give it a shot if
there is a simple and reliable process to roll back the changes.
** Affects: unity (Ubuntu)
Importance: Undecided
Status: New
** Tags: amd64 lockscreen screensaver utopic
** Attachment added: "(no audio) -- user experience of lockscreen bug plus contrasting SSR recording of same events"
https://bugs.launchpad.net/bugs/1416897/+attachment/4309971/+files/lockscreen_bug_no_audio_20150201.webm
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of DX
Packages, which is subscribed to unity in Ubuntu.
Matching subscriptions: dx-packages
https://bugs.launchpad.net/bugs/1416897
Title:
static image of desktop and windows displayed instead of lockscreen
Status in unity package in Ubuntu:
New