Ubuntu
ubuntu-meta package

Loose security on locked screen

Asked by cliffcarusa

What happens:
Screen lock: prior to login the system responds to the first several characters typed and responds to mouse or trackpad movements.

For security sake; Shouldn't this be tightened up?

What should not happen:
Input buffer should not accept signals (ie: characters, keyboard strokes; and not mouse or trackball inputs.

What could potentially happen:
the Hack of system by way of buffer use; thru the momentary laspe of security during the first instance of "locked screen" activity just prior to a login.

Try it and you'll see.

Let me know what your thoughts are:

cliffcarusa at gmail dot com

Question information

Language:
English Edit question
Status:
Expired
For:
Ubuntu ubuntu-meta Edit question
Assignee:
No assignee Edit question
Last query:
Last reply:
Revision history for this message
actionparsnip (andrew-woodhead666) said : 		#1

I suggest you report a bug and mark it as a security bug

Revision history for this message
cliffcarusa (cliffcarusa) said : 		#2

What exactly does "Confirmed => Invalid" mean?
It remains a problem, a "loose security" issue within Ubuntu.

On Thu, Mar 29, 2012 at 5:50 PM, Tim Penhey <
<email address hidden>> wrote:

> Bug #946888 status changed in compiz in Ubuntu Precise:
>
> Confirmed => Invalid
>
> https://bugs.launchpad.net/ubuntu/precise/+source/compiz/+bug/946888
> "Dash can be activated while screen is locked"
>
> This bug is linked to #189553.
> Loose security on locked screen
> https://answers.launchpad.net/ubuntu/+source/ubuntu-meta/+question/189553
>
> --
> You received this question notification because you asked the question.
>

Revision history for this message
Launchpad Janitor (janitor) said : 		#3

This question was expired because it remained in the 'Open' state without activity for the last 15 days.