policykit password dialog should grab keyboard

Bug #630226 reported by komputes
Affects: policykit-1-gnome (Ubuntu)
Status: Confirmed
Importance: Medium
Assigned to: Unassigned
Milestone: none

Bug Description

Binary package hint: policykit

policykit password dialogs are insecure as they can be overlapped by another window opening. For example, a dialog is presented, and nautilus presents another window due to a disk being inserted. Your password is now shown in the bottom right of the nautilus window as if you were searching for a filename within the window. Your password is presented to anyone watching in cleartext.

Expecting: In 8.04 we had consistency. All password prompts in the GUI used gksudo which grayed out the rest of the screen blocking any interference from other apps. We have lost that security and introduced inconsistencies in the way of entering a password meaning anyone could write a program asking for a password and a user would not know. Policykit also asks for a password for each administrative utility (unlike gksudo which remembered that you used it for ~15 min).

ProblemType: Bug
DistroRelease: Ubuntu 10.04
Package: policykit (not installed)
ProcVersionSignature: Ubuntu 2.6.32-24.42-generic 2.6.32.15+drm33.5
Uname: Linux 2.6.32-24-generic i686
Architecture: i386
Date: Sat Sep 4 09:54:47 2010
InstallationMedia: Ubuntu 10.04 "Lucid Lynx" - Release Candidate i386 (20100419.1)
ProcEnviron:
 LANGUAGE=en_US:en_CA:en
 LANG=en_US.utf8
 SHELL=/bin/bash
SourcePackage: policykit

visibility: private → public
Kees Cook (kees)
Changed in policykit (Ubuntu):
status: New → Confirmed
importance: Undecided → Medium
assignee: nobody → Canonical Desktop Team (canonical-desktop-team)
Rick Spencer (rick-rickspencer3) wrote :

I think the design for this should be considered under the rubric of notifications. I'll subscribe mpt to see if we can get some feedback regarding how the pol-kit password notification should work from a Ux perspective.

Chris Coulson (chrisccoulson) wrote :

Note that davidz has said before that the long term plan is to have the authentication agent running in a separate session, which will help to avoid issues like this.

Chris Coulson (chrisccoulson) wrote :
affects: policykit (Ubuntu) → policykit-1-gnome (Ubuntu)
Martin Pitt (pitti) wrote :

The password dialog should grab the keyboard and mouse, similarly to gksu.

summary: - policykit password dialog is insecure
+ policykit password dialog should grab keyboard
Martin Pitt (pitti)
Changed in policykit-1-gnome (Ubuntu):
assignee: Canonical Desktop Team (canonical-desktop-team) → nobody
Jamie Strandboge (jdstrand) wrote :

I haven't seen this in Ubuntu 11.04. Is this still a problem?

Changed in policykit-1-gnome (Ubuntu):
assignee: nobody → Jamie Strandboge (jdstrand)
status: Confirmed → Incomplete
komputes (komputes) wrote :

On quick systems you will not see an issue with this. On slow systems a policykit auth window may show up after having clicked something else. The fact that the dialog does not take focus and block input into other windows is still an issue. This is better explained in Bug #651734: Policykit password dialogs are insecure as they do not keep focus.

Changed in policykit-1-gnome (Ubuntu):
assignee: Jamie Strandboge (jdstrand) → nobody
status: Incomplete → Confirmed