FS#46799 - [lightdm] Broken VT switching

Attached to Project: Arch Linux
Opened by Dustin Falgout (lots0logs) - Monday, 19 October 2015, 13:26 GMT
Last edited by Eli Schwartz (eschwartz) - Sunday, 14 October 2018, 04:36 GMT
Task Type Bug Report
Category Upstream Bugs
Status Closed
Assigned To Maxime Gauduin (Alucryd)
Architecture All
Severity High
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 2
Private No

Details

Description: There is a bug in lightdm which causes VT switching to break when setting "minimum-vt" < 7 in lightdm.conf. If commented out or set to the default value (7) VT switching works properly. This bug has security implications because while VT switching is broken, all keyboard input is being captured on what appears to be an inaccessible login terminal. Each time you hit the enter key a log-in attempt is made and, of course, fails. The failure is logged in the systemd journal. The journal message can (and often does) contain passwords the user entered into other services during normal use of their desktop.

We are setting the minimum-vt to "1" by default. This should be changed temporarily, if not permanently. Since changing the value in the package will not resolve the issue for users who already have it installed, an advisory should be presented to the user.


Additional info:
* lightdm 1:1.16.3-1
* /etc/lightdm.conf
This task depends upon

Closed by  Eli Schwartz (eschwartz)
Sunday, 14 October 2018, 04:36 GMT
Reason for closing:  Fixed
Additional comments about closing:  a long time ago
Comment by Dustin Falgout (lots0logs) - Monday, 19 October 2015, 13:26 GMT
Sorry, forgot to include link to bug report on launchpad: https://bugs.launchpad.net/lightdm/+bug/1457049
Comment by Maxime Gauduin (Alucryd) - Sunday, 07 February 2016, 09:50 GMT
Our package has defaulted to a minimum vt of 7 for a while now (including in 1:1.16.3-1), granted it was at 1 for a time but most users should have pacdiffed the changes by now. Added a warning in the conf file nonetheless.

Loading...