[Bug 376253] [NEW] KDE Screen lock siezes if keys are held down while waiting for password

Vik vik at catalyst.net.nz
Wed May 13 23:22:27 UTC 2009


Public bug reported:

Binary package hint: kdebase-workspace-bin

If the KDE Desktop is allowed to blank the screen and lock itself, and
an object (usually a cat, but occasionally a malicious attacker) then
rests on the keyboard causing the password prompt to appear, the
password entry routine will hang once sufficient key repeats have
happened.

The user cannot then unlock the KDE desktop.

As a temporary fix I have SSH'd into colleagues machines and killed the
krunner_lock process.

This was noted on current Jaunty 9.04 installations with both USB and
internal laptop keyboards.

Technically this may be considered a security issue as it bears all the
hallmarks of a DoS attack.

** Affects: kdebase-workspace (Ubuntu)
     Importance: Undecided
         Status: New

-- 
KDE Screen lock siezes if keys are held down while waiting for password
https://bugs.launchpad.net/bugs/376253
You received this bug notification because you are a member of Kubuntu
Bugs, which is subscribed to kdebase-workspace in ubuntu.




More information about the kubuntu-bugs mailing list