touch-packages team mailing list archive

Thread
Date

[Bug 1370017] Re: Unity Lockscreen shows unlocked desktop while shutting down

To: touch-packages@xxxxxxxxxxxxxxxxxxx
From: Chris J Arges <1370017@xxxxxxxxxxxxxxxxxx>
Date: Wed, 14 Jan 2015 18:05:57 -0000
Reply-to: Bug 1370017 <1370017@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Accepted unity into trusty-proposed. The package will build now and be
available at
http://launchpad.net/ubuntu/+source/unity/7.2.4+14.04.20141217-0ubuntu1
in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to
enable and use -proposed. Your feedback will aid us getting this update
out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, and change the tag
from verification-needed to verification-done. If it does not fix the
bug for you, please add a comment stating that, and change the tag to
verification-failed. In either case, details of your testing will help
us make a better decision.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in
advance!

** Changed in: unity (Ubuntu Trusty)
       Status: New => Fix Committed

** Tags added: verification-needed-trusty

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to unity in Ubuntu.
https://bugs.launchpad.net/bugs/1370017

Title:
  Unity Lockscreen shows unlocked desktop while shutting down

Status in Unity:
  Fix Committed
Status in Unity 7.2 series:
  In Progress
Status in unity package in Ubuntu:
  Fix Released
Status in unity source package in Trusty:
  Fix Committed

Bug description:
  [Impact and Test Case]

  Steps to reproduce:
  1 - Lock the screen
  2 - From the lockscreen, tell the computer to shut down / restart

  Expected behavior:
  * Session programs are closed while the screen is still locked
  * During shutdown, no user interaction is possible

  Observed behavior:
  * The lockscreen is gone immediately, with the rest of compiz (e.g. window decorations are not present)
  * But it's possible to interact with programs that are still running in the session for about 3 seconds

  Observed on an updated Trusty machine, running unity version
  7.2.2+14.04.20140714-0ubuntu1.1

  I consider this bug a security vulnerability because during those 3
  seconds it could be possible to access and interact with sensitive
  information.  Yes, it's short, but you could take a picture or even rm
  -rf / if there happened to be a root console available.

  [Regression Potential]

  An improper implementation of the fix for this issue could result in
  an indefinite hang during system shutdown, or could result in the
  problem not being completely fixed and the security vulnerability
  continuing.

  Neither appear to be the case.

  [ Other Info ]

  The Ubuntu 14.04 LTS SRU has been cherry-picked from upstream Unity
  where it has been in development-level production code in Ubuntu
  'Vivid Vervet' development release for a few months and has not
  display additional problems.

To manage notifications about this bug go to:
https://bugs.launchpad.net/unity/+bug/1370017/+subscriptions