Thank you for helping with making Ubuntu better by reporting this bug.
The reason this bug didn't get a lot of attention is probably because it
was reported without a package. It is most likely an issue in GNOME
Screensaver, so I'm assigning it to that package to make sure the right
people can
So... can we just put there code to always at each occasion clear entire
background with a big rectangle?
Or is there some reason to keep this security bug around?
Local access = silent access to see part of content of screen before
lock.
--
Security hole in screensaver! Exposes screen/desktop
Ok I will try to resolve this problem (but fell free to apply a fix if
you have it ready)
** Changed in: ubuntu
Assignee: (unassigned) = LimCore (limcore)
--
Security hole in screensaver! Exposes screen/desktop image even if screen is
LOCKED. nvidia, intel gfx; Old bug.
It happens on nividias (tested afair something like 5200fx, 7200? and
gts 220?), it also happens on intels (various i945-like).
To trigger it:
1. Wait until screen saver starts (the default black one)
2. Move mouse, you will see that the black rectangle covers only PART of the
screen (from 0,0
Confirmed on 2 laptops and 3 pc's. All laptops where using LVDS+VGA and
switching resolutions;
Or PCs where using 2 desktop users VT7, VT9, starting full screen programs,
switching between the desktops and resolutions.
** Changed in: ubuntu
Status: Incomplete = Confirmed
--
Security
This happens still.
Exploit in damn screensaver is known for at least 3 months (I also seen
and probably reported, as did others, such problems year+ ago).
Is there some contest for longest-unpatched-exploit?
While it is fun to be able to access co'workers / students / family
members / etc
It would help if we could reproduce the issue.
Could you please give detailed steps, including which game and graphics
modes that are needed to reproduce this?
** Changed in: ubuntu
Status: Confirmed = Incomplete
--
Security hole in screensaver! Exposes screen/desktop image even if
This happens still;
One case to trigger it, is for first play some fullscreen game that
switches resolution.
Then also I use VT7, -8, -9 (several X sessions).
In such use case, around 1 in 10 uses, the bug appears.
--
Security hole in screensaver! Exposes screen/desktop image even if screen
Guys, an easy (trivial!) solution would be to just make the screensaver
always clear some huge area, not just the eare which it /thinks/ is
vissible.
I guess something like...
- rectfill(screen, 0, 0, screen_w, screen_h, 0);
+ rectfill(screen, 0, 0, 9, 9, 0);
or better:
max(...)
--
Security hole in screensaver! Exposes screen/desktop image even if screen is
LOCKED. nvidia, intel gfx; Old bug.
https://bugs.launchpad.net/bugs/394691
You received this bug notification because you are a member of Ubuntu
Bugs, which is a direct subscriber.
--
ubuntu-bugs mailing
That bug #220226 seems to be a combination of
1. this bug (not clearing entire screen)
2. and nvidia (mostly) showing unitiliaized memory bug (which I also reported)
--
Security hole in screensaver! Exposes screen/desktop image even if screen is
LOCKED. nvidia, intel gfx; Old bug.
is this dup of / related to bug #220226 ?
--
Security hole in screensaver! Exposes screen/desktop image even if screen is
LOCKED. nvidia, intel gfx; Old bug.
https://bugs.launchpad.net/bugs/394691
You received this bug notification because you are a member of Ubuntu
Bugs, which is a direct
** Changed in: ubuntu
Importance: Undecided = Medium
** Changed in: ubuntu
Status: New = Confirmed
--
Security hole in screensaver! Exposes screen/desktop image even if screen is
LOCKED. nvidia, intel gfx; Old bug.
https://bugs.launchpad.net/bugs/394691
You received this bug
** Summary changed:
- [9.04 amd64 + nvidia = FAIL] security hole in screensaver
+ Security hole in screensaver! Exposes screen/desktop image even if screen is
LOCKED. nvidia, intel gfx; Old bug.
** Description changed:
When running screen saver, attacker having physical access to the
14 matches
Mail list logo