[LightDM] LightDM locking security bug
Alexis Hunt
alercah at gmail.com
Mon Feb 6 15:57:50 UTC 2017
Thank you. I will double check and then report if it is well-founded.
On Mon, Feb 6, 2017, 10:27 Yves-Alexis Perez, <corsac at debian.org> wrote:
> On Sun, 2017-02-05 at 06:00 +0000, Alexis Hunt wrote:
> > I'm not sure if this is actually a bug or a misconfiguration on my
> system,
> > but I have discovered a major security vulnerability in screen locking
> > (dm-tool lock), and I would like some advice on how to proceed with it. I
> > didn't see a bug tracker or anything on the website and do not want to
> send
> > out what could be major security bug to a public mailing list.
> >
> > My system is Debian testing and I use Xmonad as my WM.
>
> You can either report privately to the Debian security team
> (team at security.deb
> ian.org) or open a launchpad bug and tag it security (so it will be
> private).
>
> Note that dm-tool lock won't actually lock anything but (as indicated in
> the
> manpage) switch to a greeter with a hint that the screen is locked. If you
> don't have something doing the actual lock (like light-locker) then nothing
> will happen.
>
> Regards,
> --
> Yves-Alexis
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.freedesktop.org/archives/lightdm/attachments/20170206/69fddce3/attachment.html>
More information about the LightDM
mailing list