Bug#416824: klaptopdaemon: lock & hibernate allowing unauthorised access - Debian

This is a discussion on Bug#416824: klaptopdaemon: lock & hibernate allowing unauthorised access - Debian ; Hi KDE users, anyone has experiment something like this: On Fri, Mar 30, 2007 at 03:39:02PM +0100, Sheridan Hutchinson wrote: > Package: klaptopdaemon > Version: 4:3.5.5-3 > Severity: grave > Tags: security > Justification: user security hole > > Hi, ...

+ Reply to Thread
Results 1 to 10 of 10

Thread: Bug#416824: klaptopdaemon: lock & hibernate allowing unauthorised access

  1. Bug#416824: klaptopdaemon: lock & hibernate allowing unauthorised access

    Hi KDE users,

    anyone has experiment something like this:

    On Fri, Mar 30, 2007 at 03:39:02PM +0100, Sheridan Hutchinson wrote:
    > Package: klaptopdaemon
    > Version: 4:3.5.5-3
    > Severity: grave
    > Tags: security
    > Justification: user security hole
    >
    > Hi, I'm using Etch RC2 and I use klaptopdaemon to lock and hibernate my
    > laptop when I noticed an interesting little bug. I access lock and
    > hibernate by right-clicking on the system tray icon and clicking on the
    > option there.
    >
    > Depending on the load on the system, klaptopdaemon appears to be
    > allowing somone unhibernating a locked & hibernated system, brief access
    > to the desktop.
    >
    > The first time that I noticed this I was able to start accessing a
    > previously opened terminal and got 'ls -la' into the terminal, and to
    > get the directory listing, before the screenlock was brought up.
    >
    > I have tried to replicate this and catch it on my phone camera, although
    > I have been unable to replicate the system load of the first time I
    > caught it. However, I attach move00064.3gp which is video of me
    > trying to replicate this, and you can see that just after coming out of
    > hibernate and once the X scree is brough back up, you can see a flash of
    > my desktop. When I first noticed this bug, I believe my system was
    > under considerable load and I was able to interfere with the desktop at
    > my leisure, until the screenlock was brought up.
    >
    > As a recollection, Windows NT 3.xx had a bug like this in the distant
    > past, and that knowlege brought me to notice this flaw.
    >
    > I will do further experiments with system load and other factors to see
    > if I can get access to desktop for a prolonged period of time again. If
    > I was able to get up a terminal, and it was root logged on, presumably I
    > could kill off the process that would launch the screenlock before it
    > had a chance and have my wicked way with the desktop?
    >
    > FYI I'm using an IBM Thinkpad X40.
    >
    > I hope this helps!
    >
    >
    > -- System Information:
    > Debian Release: 4.0
    > APT prefers testing
    > APT policy: (500, 'testing')
    > Architecture: i386 (i686)
    > Shell: /bin/sh linked to /bin/bash
    > Kernel: Linux 2.6.18
    > Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
    >
    > Versions of packages klaptopdaemon depends on:
    > ii kdelibs4c2a 4:3.5.5a.dfsg.1-6 core libraries and binaries for al
    > ii libc6 2.3.6.ds1-13 GNU C Library: Shared libraries
    > ii libgcc1 1:4.1.1-21 GCC support library
    > ii libqt3-mt 3:3.3.7-3 Qt GUI Library (Threaded runtime v
    > ii libstdc++6 4.1.1-21 The GNU Standard C++ Library v3
    > ii libxtst6 1:1.0.1-5 X11 Testing -- Resource extension
    >
    > klaptopdaemon recommends no packages.
    >
    > -- no debconf information



    You can read the full bug report (and download the video) from
    http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=416824

    Thanks,
    Ana


    --
    To UNSUBSCRIBE, email to debian-bugs-dist-REQUEST@lists.debian.org
    with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

  2. Re: Bug#416824: klaptopdaemon: lock & hibernate allowing unauthorised access

    On Mon, Apr 02, 2007 at 04:48:04PM +0100, Ana Guerrero wrote:
    > anyone has experiment something like this:
    >
    > On Fri, Mar 30, 2007 at 03:39:02PM +0100, Sheridan Hutchinson wrote:
    > > Depending on the load on the system, klaptopdaemon appears to be
    > > allowing somone unhibernating a locked & hibernated system, brief access
    > > to the desktop.


    Yes, I notice this once in a while as well. Looks like the "Lock &
    Hibernate" function kicks off the screen saver, but sends the system
    into hibernation before the screen saver has fully started up.

    Greetings
    Marc

    --
    -----------------------------------------------------------------------------
    Marc Haber | "I don't trust Computers. They | Mailadresse im Header
    Mannheim, Germany | lose things." Winona Ryder | Fon: *49 621 72739834
    Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835


    --
    To UNSUBSCRIBE, email to debian-kde-REQUEST@lists.debian.org
    with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

  3. Bug#416824: klaptopdaemon: lock & hibernate allowing unauthorised access

    > > Hi, I'm using Etch RC2 and I use klaptopdaemon to lock and hibernate my
    > > laptop when I noticed an interesting little bug. I access lock and
    > > hibernate by right-clicking on the system tray icon and clicking on the
    > > option there.


    I have absolutely only very little clue about this, but I took a look at the
    klaptopdaemon sources - and it seems it invokes the lock command and after
    that it invokes hibernate.

    It might be that the lock command returns immediately while the locking canbe
    delayed for some reasons.

    I have tried to add a extra check if the screen is locked before running the
    hibernate.

    I have not been able to reproduce this bug - so I don't know. I don't have a
    system running with hibernate, so ...

    The packages at
    http://users.alioth.debian.org/~pusl..._3.5.5-3sune1/ is
    100% untested - the only thing I know is that they compiles, so this is some
    standard disclaimer: Use it on your own responsibility and don't blame me if
    your computer explodes or your wife starts cheating on you.

    but the packages do have a small patch applied that might or might not work.

    The patch:

    Index: kdeutils/klaptopdaemon/daemondock.cpp
    ================================================== =================
    --- kdeutils/klaptopdaemon/daemondock.cpp (revision 646499)
    +++ kdeutils/klaptopdaemon/daemondock.cpp (working copy)
    @@ -501,7 +501,13 @@
    {
    DCOPClient* client = kapp->dcopClient();
    if (client)
    + {
    client->send("kdesktop", "KScreensaverIface", "lock()", "");
    + while ( !
    client->send("kdesktop", "KScreensaverIface", "isBlanked()", ""))
    + {
    + usleep(20000);
    + }
    + }
    laptop_portable::invoke_hibernation();
    }
    void laptop_dock::invokeStandby()


    /Sune
    --
    How might I delete the device?

    From the preferences within AutoCAD 7.4 you have to log from the softwareto
    digit from the RO virus on a gadget.

    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.4.6 (GNU/Linux)

    iD8DBQBGEX1VnMvaFgH6i0oRAhYJAJ4x0NT7Q7Yyo5QjFG2G19 rzYtp4VwCfT6VT
    RlmkM1zvxQRH7d1AXKGHKVM=
    =HThm
    -----END PGP SIGNATURE-----


  4. Bug#416824: klaptopdaemon: lock & hibernate allowing unauthorised access

    Sune Vuorela wrote:
    >>> Hi, I'm using Etch RC2 and I use klaptopdaemon to lock and hibernate my
    >>> laptop when I noticed an interesting little bug. I access lock and
    >>> hibernate by right-clicking on the system tray icon and clicking on the
    >>> option there.

    >
    > I have absolutely only very little clue about this, but I took a look at the
    > klaptopdaemon sources - and it seems it invokes the lock command and after
    > that it invokes hibernate.
    >
    > It might be that the lock command returns immediately while the lockingcan be
    > delayed for some reasons.
    >
    > I have tried to add a extra check if the screen is locked before running the
    > hibernate.
    >
    > I have not been able to reproduce this bug - so I don't know. I don't have a
    > system running with hibernate, so ...


    FWIW, kpowersave has exactly the same problem:
    http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=406997

    Cheers,
    Michael
    --
    Why is it that all of the instruments seeking intelligent life in the
    universe are pointed away from Earth?


    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.4.6 (GNU/Linux)
    Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

    iD8DBQFGEan1h7PER70FhVQRAtFMAJ9QP6+kHCdiGuvMbxpNjP W4ZCFypgCfTkRM
    MaKzcw7/P50NRx8NDHOf7iQ=
    =635f
    -----END PGP SIGNATURE-----


  5. Re: Bug#416824: klaptopdaemon: lock & hibernate allowing unauthorised access

    Hello:

    El Lunes, 2 de Abril de 2007 20:42, Marc Haber escribió:
    > On Mon, Apr 02, 2007 at 04:48:04PM +0100, Ana Guerrero wrote:
    > > anyone has experiment something like this:
    > >
    > > On Fri, Mar 30, 2007 at 03:39:02PM +0100, Sheridan Hutchinson wrote:
    > > > Depending on the load on the system, klaptopdaemon appears to be
    > > > allowing somone unhibernating a locked & hibernated system, brief
    > > > access to the desktop.


    I think the first step step is knowing what procedure is used in order to
    hibernate. Is this guy using the hibernate scripts? is he using suspend or
    suspend2 method ?

    Maybe part of this information is not relevant, but there are some guessing
    that could be done. I guess this happens using the hibernate scripts, and
    doesn't seem to me that the hibernate method is not relevant.

    For example, I remember hibernate scripts suffered from
    what I consider a kde "bug" which made a dcop call for locking the screen
    block the hibernate script, so even the hibernation could complete, the
    desktop couldn't be locked.

    What I'm trying to say is that maybe this is not a klaptodaemon problem, but
    instead the hibernate scripts. Following the previous rationale, the dcop
    call to KScreensaverIface lock should block and that seems to me. Problem is
    that I'm on 3.5.6 right now so i can't test.

    I tested this using a text console and calling the involved dcop call like
    this:

    DISPLAY=:0 dcop kdesktop kScreensaverIface lock

    The first time it took 1.5secs approximately but on the second consecutive
    call, it just took 0.5secs to return to command line. Unlocking the kde
    session and then trying again I got same cualitative results.

    >
    > Yes, I notice this once in a while as well. Looks like the "Lock &
    > Hibernate" function kicks off the screen saver, but sends the system
    > into hibernation before the screen saver has fully started up.
    >


    True, so if we want kdelaptop solves the problem we should use a solutionas
    the one proposed by Sune, or alternatively we would need to get a verbose
    hibernate log and analyse it, increasing the LogVerbosity value up to 9 in
    the hibernate common.conf located at /etc/hibernate.


    > Greetings
    > Marc
    >



    --
    Raúl Sánchez Siles
    ----->Proud Debian user<-----
    Linux registered user #416098

    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.4.6 (GNU/Linux)

    iD8DBQBGE0vcSbRPhLCoLYYRAgd9AJ4/0eqhWT4O0y76kU4DixexC9yuagCeJFpR
    myOQA0h2YgwiP0EiidHR/t4=
    =fuuB
    -----END PGP SIGNATURE-----


  6. Re: Bug#416824: klaptopdaemon: lock & hibernate allowing unauthorised access

    On Wed, Apr 04, 2007 at 08:55:19AM +0200, Raúl Sánchez Siles wrote:
    > El Lunes, 2 de Abril de 2007 20:42, Marc Haber escribió:
    > > On Mon, Apr 02, 2007 at 04:48:04PM +0100, Ana Guerrero wrote:
    > > > anyone has experiment something like this:
    > > >
    > > > On Fri, Mar 30, 2007 at 03:39:02PM +0100, Sheridan Hutchinson wrote:
    > > > > Depending on the load on the system, klaptopdaemon appears to be
    > > > > allowing somone unhibernating a locked & hibernated system, brief
    > > > > access to the desktop.

    >
    > I think the first step step is knowing what procedure is used in order to
    > hibernate. Is this guy using the hibernate scripts? is he using suspend or
    > suspend2 method ?


    How do I find out what I use?

    > True, so if we want kdelaptop solves the problem we should use a solution as
    > the one proposed by Sune, or alternatively we would need to get a verbose
    > hibernate log and analyse it, increasing the LogVerbosity value up to 9 in
    > the hibernate common.conf located at /etc/hibernate.


    I do not have an /etc/hibernate directory.

    Greetings
    Marc

    --
    -----------------------------------------------------------------------------
    Marc Haber | "I don't trust Computers. They | Mailadresse im Header
    Mannheim, Germany | lose things." Winona Ryder | Fon: *49 621 72739834
    Nordisch by Nature | How to make an American Quilt | Fax: *49 3221 2323190


    --
    To UNSUBSCRIBE, email to debian-kde-REQUEST@lists.debian.org
    with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

  7. Re: Bug#416824: klaptopdaemon: lock & hibernate allowing unauthorised access

    El Miércoles, 4 de Abril de 2007 11:34, Marc Haber escribió:
    > On Wed, Apr 04, 2007 at 08:55:19AM +0200, Raúl Sánchez Siles wrote:
    > > El Lunes, 2 de Abril de 2007 20:42, Marc Haber escribió:
    > > > On Mon, Apr 02, 2007 at 04:48:04PM +0100, Ana Guerrero wrote:
    > > > > anyone has experiment something like this:
    > > > >
    > > > > On Fri, Mar 30, 2007 at 03:39:02PM +0100, Sheridan Hutchinson wrote:
    > > > > > Depending on the load on the system, klaptopdaemon appears to be
    > > > > > allowing somone unhibernating a locked & hibernated system, brief
    > > > > > access to the desktop.

    > >
    > > I think the first step step is knowing what procedure is used in order
    > > to hibernate. Is this guy using the hibernate scripts? is he using
    > > suspend or suspend2 method ?

    >
    > How do I find out what I use?
    >
    > > True, so if we want kdelaptop solves the problem we should use a
    > > solution as the one proposed by Sune, or alternatively we would need to
    > > get a verbose hibernate log and analyse it, increasing the LogVerbosity
    > > value up to 9 in the hibernate common.conf located at /etc/hibernate.

    >
    > I do not have an /etc/hibernate directory.
    >
    > Greetings
    > Marc
    >


    From this I guess you are using uswsusp. please check that package hibernate
    is _not_ installed and that uswsusp _is_. If you don't know how to do this
    check the existance of the dirs /usr/share/doc/uswsusp
    and /usr/share/doc/hibernate. If the dir doesn't exist, then the package is
    not installed.

    Unfortunately I thing I ran out of ideas, so maybe tweaking klaptopdaemon
    code would be the only solution. In this case, maybe some chat with kde
    people would help to do a sensible thing with this.

    --
    Raúl Sánchez Siles
    ----->Proud Debian user<-----
    Linux registered user #416098

    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.4.6 (GNU/Linux)

    iD8DBQBGE98ISbRPhLCoLYYRAmZzAJ9q72+tDMCPzJm8xISAV3 gbo7ZJ2wCfb+ZS
    I0wqssBeBhtv4MKWOC2prMk=
    =WF8U
    -----END PGP SIGNATURE-----


  8. Re: Bug#416824: klaptopdaemon: lock & hibernate allowing unauthorised access

    On Wed, Apr 04, 2007 at 07:23:11PM +0200, Raúl Sánchez Siles wrote:
    > From this I guess you are using uswsusp. please check that package hibernate
    > is _not_ installed and that uswsusp _is_.


    $ dpkg --list hibernate
    No packages found matching hibernate.
    [2/502]mh@scyw00225:~$ dpkg --list uswsusp
    Desired=Unknown/Install/Remove/Purge/Hold
    | Status=Not/Installed/Config-files/Unpacked/Failed-config/Half-installed
    |/ Err?=(none)/Hold/Reinst-required/X=both-problems (Status,Err: uppercase=bad)
    ||/ Name Version Description
    +++-==============-==============-============================================
    un uswsusp (no description available)

    > If you don't know how to do this


    I am a DD just inexperienced with suspend/hibernate stuff.

    > check the existance of the dirs /usr/share/doc/uswsusp and
    > /usr/share/doc/hibernate.


    [3/503]mh@scyw00225:~$ ls -al /usr/share/doc/uswsusp
    ls: /usr/share/doc/uswsusp: No such file or directory
    [4/504]mh@scyw00225:~$ ls -al /usr/share/doc/hibernate
    ls: /usr/share/doc/hibernate: No such file or directory
    [5/505]mh@scyw00225:~$

    > If the dir doesn't exist, then the package is not installed.


    Looks like neither is.

    Greetings
    Marc

    --
    -----------------------------------------------------------------------------
    Marc Haber | "I don't trust Computers. They | Mailadresse im Header
    Mannheim, Germany | lose things." Winona Ryder | Fon: *49 621 72739834
    Nordisch by Nature | How to make an American Quilt | Fax: *49 3221 2323190


    --
    To UNSUBSCRIBE, email to debian-kde-REQUEST@lists.debian.org
    with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

  9. Re: Bug#416824: klaptopdaemon: lock & hibernate allowing unauthorised access

    forwarded 416824 https://bugs.kde.org/show_bug.cgi?id=143859
    thanks

    El Martes, 3 de Abril de 2007 00:01, Sune Vuorela escribió:
    > > > Hi, I'm using Etch RC2 and I use klaptopdaemon to lock and hibernate my
    > > > laptop when I noticed an interesting little bug. I access lock and
    > > > hibernate by right-clicking on the system tray icon and clicking on the
    > > > option there.

    >
    > I have absolutely only very little clue about this, but I took a look at
    > the klaptopdaemon sources - and it seems it invokes the lock command and
    > after that it invokes hibernate.
    >
    > It might be that the lock command returns immediately while the locking can
    > be delayed for some reasons.
    >

    After some conversation on #kde they pointed me the reason is indeed that,
    but instead of carrying out the test Sune proposed it suggested me a "smarter
    kde way" (TM) which consists of substituing the asynchronous "send" dcop API
    call by a "call" which is synchronous.

    I also opened a bug on kde and there is a proposed patch

    --
    Raúl Sánchez Siles
    ----->Proud Debian user<-----
    Linux registered user #416098

    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.4.6 (GNU/Linux)

    iD8DBQBGFEXCSbRPhLCoLYYRAtFRAKCJFQDuE8pAeTxubAdrjL 6rcd9o9QCdFRNu
    IkoqK0mVJz0K+SNZ34d4arA=
    =6Atm
    -----END PGP SIGNATURE-----


  10. Re: Bug#416824: klaptopdaemon: lock & hibernate allowing unauthorised access


    Hola Raúl,

    On Thu, Apr 05, 2007 at 02:41:32AM +0200, Raúl Sánchez Siles wrote:
    > forwarded 416824 https://bugs.kde.org/show_bug.cgi?id=143859
    > thanks
    >
    > El Martes, 3 de Abril de 2007 00:01, Sune Vuorela escribió:
    > > > > Hi, I'm using Etch RC2 and I use klaptopdaemon to lock and hibernate my
    > > > > laptop when I noticed an interesting little bug. I access lock and
    > > > > hibernate by right-clicking on the system tray icon and clicking on the
    > > > > option there.

    > >
    > > I have absolutely only very little clue about this, but I took a look at
    > > the klaptopdaemon sources - and it seems it invokes the lock command and
    > > after that it invokes hibernate.
    > >
    > > It might be that the lock command returns immediately while the locking can
    > > be delayed for some reasons.
    > >

    > After some conversation on #kde they pointed me the reason is indeed that,
    > but instead of carrying out the test Sune proposed it suggested me a "smarter
    > kde way" (TM) which consists of substituing the asynchronous "send" dcop API
    > call by a "call" which is synchronous.
    >
    > I also opened a bug on kde and there is a proposed patch
    >


    Let's see what upstream says about the patch. Thanks a lot for you work on
    this!

    Ana




    --
    To UNSUBSCRIBE, email to debian-kde-REQUEST@lists.debian.org
    with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

+ Reply to Thread