** Tags added: community-security

** Information type changed from Private Security to Public Security

--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to lightdm in Ubuntu.
https://bugs.launchpad.net/bugs/1806961

Title:
  Lock can be circumvented by switching tty when using lightdm

Status in lightdm package in Ubuntu:
  Confirmed

Bug description:
  Steps to reproduce (only works on X11, not on wayland):

  1) install lightdm
     a) run "sudo apt install lightdm" on a fresh 18.04 install of ubuntu
     b) switch to lightdm with "sudo dpkg-reconfigure gdm3"
     c) reboot to make the login manager switch take effect
  2) log in to your account
  3) click switch user (clicking lock should also work) in the dropdown
     in the top right corner
  4) switch to a different tty (ctrl+alt+f2 for example)
  5) switch back to your original tty (with lightdm usually tty 7)

  You are now logged back in your account without having to type your
  password.

  I have marked lightdm as the vulnerable package because all I had to
  do to reproduce the issue was install lightdm with "sudo apt install
  lightdm" and then switch to lightdm with "sudo dpkg-reconfigure gdm3".
  So I think something should either be changed in lightdm or in
  dpkg-reconfigure.

  I have been told that I should be using light-locker instead of
  dm-tool, but I have no idea what those things are, or how to switch
  between them; I'm just clicking switch user. The user does not know,
  and is never informed of, the existence of these tools.

  Since neither apt nor dpkg-reconfigure warns me that I should use
  light-locker instead of dm-tool, I think this is still a security
  vulnerability, because a user that wants to use lightdm and installs
  it by quickly searching online for "how to switch login managers" will
  not be informed of this vulnerability.

  Extra info:
  ubuntu 18.04 (fully up to date)
  lightdm version 1.26.0-0ubuntu1
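
A host-side check for the configuration described in the report, as an added example that is not part of the original bug report or of lightdm: it flags a Debian/Ubuntu machine whose default display manager is lightdm, whose session is X11, and which has no light-locker package installed. The function names and verdict strings are hypothetical, and reading /etc/X11/default-display-manager and XDG_SESSION_TYPE is an assumption about how the host records these settings.

```shell
#!/bin/sh
# Added example: audit a host for the setup described in bug 1806961
# (lightdm as display manager, X11 session, light-locker not installed).

# default_dm FILE: print the basename of the display manager recorded in FILE.
# Debian/Ubuntu keep it in /etc/X11/default-display-manager (assumed location).
default_dm() {
    [ -r "$1" ] || return 1
    basename "$(head -n 1 "$1")"
}

# locker_installed: succeed when dpkg reports the light-locker package installed.
locker_installed() {
    dpkg-query -W -f='${Status}' light-locker 2>/dev/null |
        grep -q 'install ok installed'
}

# classify DM SESSION_TYPE LOCKER(yes|no): print a verdict string (hypothetical names).
classify() {
    c_dm=$1; c_session=$2; c_locker=$3
    # The report concerns lightdm only.
    [ "$c_dm" = "lightdm" ] || { echo "not-applicable"; return 0; }
    # The report states the steps only work on X11, not on wayland.
    [ "$c_session" = "x11" ] || { echo "not-applicable"; return 0; }
    if [ "$c_locker" = "yes" ]; then
        # Installed is not the same as running: confirm it starts with the session.
        echo "locker-installed"
    else
        echo "exposed"
    fi
}

# audit_host [FILE]: gather the three facts from this machine and classify them.
audit_host() {
    a_dm=$(default_dm "${1:-/etc/X11/default-display-manager}") || a_dm=unknown
    if locker_installed; then a_locker=yes; else a_locker=no; fi
    classify "$a_dm" "${XDG_SESSION_TYPE:-unknown}" "$a_locker"
}

audit_host
```

A verdict of "exposed" means the host matches the reported setup and the tty-switch steps above should be tested on it before relying on the lock.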