[pkg-cinnamon] Bug#854344: Password dialog can be skipped using lightdm autologin feature

Ivar Smolin okul at linux.ee
Mon Feb 6 09:25:04 UTC 2017 

Package: cinnamon-screensaver
Version: 3.2.13-1
Severity: normal
Tags: security

If user locks the screen with cinnamon-screensaver, the password dialog
can be skipped if lightdm autologin feature is enabled.

Scenario:
1. Lock the screen
2. Use "Switch users" button to activate the lightdm screen
3. Wait until lightdm autologin timeout is over
4. User desktop is activated

Autologin parameters enabled in lightdm config (section [Seat:*]):
# diff /etc/lightdm/lightdm.conf /etc/lightdm/lightdm.conf.original
122,123c122,123
< autologin-user=okul
< autologin-user-timeout=2
---
 > #autologin-user=
 > #autologin-user-timeout=0


lightdm version:
ii  lightdm                     1.18.3-1


I generated two user cases to explain the problem and also tested them 
in my computer. In both cases the password dialog can be skipped using 
autologin feature.

Case 1: User data is protected by hard disk partition password.
This case is applicable for single user computer if user wants to avoid 
entering two passwords during bootup.
Hard disk partition is encrypted. Accessing data requires to enter 
password during bootup process. After entering password, the display 
manager logs user in automatically.

Case 2: User data is protected by autolocking screen after autologin
This case is applicable for user who wants to log in automatically (to 
continue downloads, to start audio player, etc...) but also to protect 
his/her data.
Screen locking is activated by session startup programs. Display manager 
logs user in automatically and locks screen.


-- System Information:
Debian Release: 9.0
   APT prefers testing
   APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-1-amd64 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages cinnamon-screensaver depends on:
ii  cinnamon-desktop-data       3.2.4-3
ii  gir1.2-accountsservice-1.0  0.6.43-1
ii  gir1.2-cinnamondesktop-3.0  3.2.4-3
ii  gir1.2-gkbd-3.0             3.22.0.1-1
ii  gir1.2-glib-2.0             1.50.0-1
ii  gir1.2-gtk-3.0              3.22.6-1
ii  gir1.2-xapp-1.0             1.0.2-1
ii  iso-flags-png-320x240       1.0.1-1
ii  libc6                       2.24-8
ii  libcscreensaver0            3.2.13-1
ii  libglib2.0-0                2.50.2-2
ii  libgtk-3-0                  3.22.6-1
ii  python3                     3.5.3-1
ii  python3-gi                  3.22.0-2
ii  python3-gi-cairo            3.22.0-2
ii  python3-setproctitle        1.1.10-1
ii  python3-xlib                0.14+20091101-5
pn  python3:any                 <none>
pn  python:any                  <none>

Versions of packages cinnamon-screensaver recommends:
ii  cinnamon-screensaver-x-plugin  3.2.13-1

Versions of packages cinnamon-screensaver suggests:
pn  cinnamon-screensaver-webkit-plugin  <none>

-- no debconf information
-------------- next part --------------
#
# General configuration
#
# start-default-seat = True to always start one seat if none are defined in the configuration
# greeter-user = User to run greeter as
# minimum-display-number = Minimum display number to use for X servers
# minimum-vt = First VT to run displays on
# lock-memory = True to prevent memory from being paged to disk
# user-authority-in-system-dir = True if session authority should be in the system location
# guest-account-script = Script to be run to setup guest account
# logind-check-graphical = True to on start seats that are marked as graphical by logind
# log-directory = Directory to log information to
# run-directory = Directory to put running state in
# cache-directory = Directory to cache to
# sessions-directory = Directory to find sessions
# remote-sessions-directory = Directory to find remote sessions
# greeters-directory = Directory to find greeters
# backup-logs = True to move add a .old suffix to old log files when opening new ones
#
[LightDM]
#start-default-seat=true
#greeter-user=lightdm
#minimum-display-number=0
#minimum-vt=7
#lock-memory=true
#user-authority-in-system-dir=false
#guest-account-script=guest-account
#logind-check-graphical=false
#log-directory=/var/log/lightdm
#run-directory=/var/run/lightdm
#cache-directory=/var/cache/lightdm
#sessions-directory=/usr/share/lightdm/sessions:/usr/share/xsessions:/usr/share/wayland-sessions
#remote-sessions-directory=/usr/share/lightdm/remote-sessions
#greeters-directory=/usr/share/lightdm/greeters:/usr/share/xgreeters
#backup-logs=true

#
# Seat configuration
#
# Seat configuration is matched against the seat name glob in the section, for example:
# [Seat:*] matches all seats and is applied first.
# [Seat:seat0] matches the seat named "seat0".
# [Seat:seat-thin-client*] matches all seats that have names that start with "seat-thin-client".
#
# type = Seat type (xlocal, xremote, unity)
# pam-service = PAM service to use for login
# pam-autologin-service = PAM service to use for autologin
# pam-greeter-service = PAM service to use for greeters
# xserver-command = X server command to run (can also contain arguments e.g. X -special-option)
# xmir-command = Xmir server command to run (can also contain arguments e.g. Xmir -special-option)
# xserver-config = Config file to pass to X server
# xserver-layout = Layout to pass to X server
# xserver-allow-tcp = True if TCP/IP connections are allowed to this X server
# xserver-share = True if the X server is shared for both greeter and session
# xserver-hostname = Hostname of X server (only for type=xremote)
# xserver-display-number = Display number of X server (only for type=xremote)
# xdmcp-manager = XDMCP manager to connect to (implies xserver-allow-tcp=true)
# xdmcp-port = XDMCP UDP/IP port to communicate on
# xdmcp-key = Authentication key to use for XDM-AUTHENTICATION-1 (stored in keys.conf)
# unity-compositor-command = Unity compositor command to run (can also contain arguments e.g. unity-system-compositor -special-option)
# unity-compositor-timeout = Number of seconds to wait for compositor to start
# greeter-session = Session to load for greeter
# greeter-hide-users = True to hide the user list
# greeter-allow-guest = True if the greeter should show a guest login option
# greeter-show-manual-login = True if the greeter should offer a manual login option
# greeter-show-remote-login = True if the greeter should offer a remote login option
# user-session = Session to load for users
# allow-user-switching = True if allowed to switch users
# allow-guest = True if guest login is allowed
# guest-session = Session to load for guests (overrides user-session)
# session-wrapper = Wrapper script to run session with
# greeter-wrapper = Wrapper script to run greeter with
# guest-wrapper = Wrapper script to run guest sessions with
# display-setup-script = Script to run when starting a greeter session (runs as root)
# display-stopped-script = Script to run after stopping the display server (runs as root)
# greeter-setup-script = Script to run when starting a greeter (runs as root)
# session-setup-script = Script to run when starting a user session (runs as root)
# session-cleanup-script = Script to run when quitting a user session (runs as root)
# autologin-guest = True to log in as guest by default
# autologin-user = User to log in with by default (overrides autologin-guest)
# autologin-user-timeout = Number of seconds to wait before loading default user
# autologin-session = Session to load for automatic login (overrides user-session)
# autologin-in-background = True if autologin session should not be immediately activated
# exit-on-failure = True if the daemon should exit if this seat fails
#
[Seat:*]
#type=xlocal
#pam-service=lightdm
#pam-autologin-service=lightdm-autologin
#pam-greeter-service=lightdm-greeter
#xserver-command=X
#xmir-command=Xmir
#xserver-config=
#xserver-layout=
#xserver-allow-tcp=false
#xserver-share=true
#xserver-hostname=
#xserver-display-number=
#xdmcp-manager=
#xdmcp-port=177
#xdmcp-key=
#unity-compositor-command=unity-system-compositor
#unity-compositor-timeout=60
#greeter-session=example-gtk-gnome
#greeter-hide-users=false
#greeter-allow-guest=true
#greeter-show-manual-login=false
#greeter-show-remote-login=true
#user-session=default
#allow-user-switching=true
#allow-guest=true
#guest-session=
#session-wrapper=lightdm-session
#greeter-wrapper=
#guest-wrapper=
#display-setup-script=
#display-stopped-script=
#greeter-setup-script=
#session-setup-script=
#session-cleanup-script=
#autologin-guest=false
autologin-user=okul
autologin-user-timeout=2
#autologin-in-background=false
#autologin-session=
#exit-on-failure=false

#
# XDMCP Server configuration
#
# enabled = True if XDMCP connections should be allowed
# port = UDP/IP port to listen for connections on
# listen-address = Host/address to listen for XDMCP connections (use all addresses if not present)
# key = Authentication key to use for XDM-AUTHENTICATION-1 or blank to not use authentication (stored in keys.conf)
# hostname = Hostname to report to XDMCP clients (defaults to system hostname if unset)
#
# The authentication key is a 56 bit DES key specified in hex as 0xnnnnnnnnnnnnnn.  Alternatively
# it can be a word and the first 7 characters are used as the key.
#
[XDMCPServer]
#enabled=false
#port=177
#listen-address=
#key=
#hostname=

#
# VNC Server configuration
#
# enabled = True if VNC connections should be allowed
# command = Command to run Xvnc server with
# port = TCP/IP port to listen for connections on
# listen-address = Host/address to listen for VNC connections (use all addresses if not present)
# width = Width of display to use
# height = Height of display to use
# depth = Color depth of display to use
#
[VNCServer]
#enabled=false
#command=Xvnc
#port=5900
#listen-address=
#width=1024
#height=768
#depth=8

More information about the pkg-cinnamon-team mailing list