Announcement

Collapse
No announcement yet.

Fedora 20 GNOME Bug Could Reveal Your Password

Collapse
X
Collapse
 
  • Page of 3
  • Filter
  • Time
  • Show
Clear All
new posts
Previous 1 2 3 template Next
  • #1

    Fedora 20 GNOME Bug Could Reveal Your Password

    Phoronix: Fedora 20 GNOME Bug Could Reveal Your Password

    There's a peculiar new bug affecting the soon-to-be-released Fedora 20 that could reveal a user's password when switching between users with the GNOME desktop...

    Fedora 20 GNOME Bug Could Reveal Your Password - Phoronix
    http://www.phoronix.com/vr.php?view=MTUyNjc
    Phoronix, Linux Hardware Reviews, Linux hardware benchmarks, Linux server benchmarks, Linux benchmarking, Desktop Linux, Linux performance, Open Source graphics, Linux How To, Ubuntu benchmarks, Ubuntu hardware, Phoronix Test Suite
    Tags: None
  • #2
    It seems this bug can't be reproduced if you only have one user on your host, lucky.

    However I'm wondering how could it ever happen? Shouldn't the password be cleared immediately after being used?

    Comment

    • #3
      Originally posted by zxy_thf View Post
      It seems this bug can't be reproduced if you only have one user on your host, lucky.

      However I'm wondering how could it ever happen? Shouldn't the password be cleared immediately after being used?
      What's the drama about? The bug got filled on Nov 25 and a fix has been submitted on Nov 25.

      Comment

      • #4
        Originally posted by drago01 View Post
        What's the drama about? The bug got filled on Nov 25 and a fix has been submitted on Nov 25.
        "Upgrade the gnome-shell you beta testers!"

        Comment

        • #5
          Originally posted by BO$$ View Post
          Hahaha! True Red Hat SELinux security.
          It has nothing to SELinux. Furthermore, this bug happen in the non final version. It's not windows where security isn't taken into consideration.

          Comment

          • #6
            Originally posted by BO$$ View Post
            Hahaha! True Red Hat SELinux security.
            Yet another trollish remark by the village idiot.
            (Bug was fixed on the same day, BTW).

            - Gilboa
            oVirt-HV1: Intel S2600C0, 2xE5-2658V2, 128GB, 8x2TB, 4x480GB SSD, GTX1080 (to-VM), Dell U3219Q, U2415, U2412M.
            oVirt-HV2: Intel S2400GP2, 2xE5-2448L, 120GB, 8x2TB, 4x480GB SSD, GTX730 (to-VM).
            oVirt-HV3: Gigabyte B85M-HD3, E3-1245V3, 32GB, 4x1TB, 2x480GB SSD, GTX980 (to-VM).
            Devel-2: Asus H110M-K, i5-6500, 16GB, 3x1TB + 128GB-SSD, F33.

            Comment

            • #7
              Upstream bug has been present for more than a month, but none seems to have noticed it untill RH bug was submitted.

              Bug 710456 – when switching users, the password input screen is shown rather than the user switcher
              https://bugzilla.gnome.org/show_bug.cgi?id=710456

              Comment

              • #8
                Originally posted by Krejzi View Post
                Upstream bug has been present for more than a month, but none seems to have noticed it untill RH bug was submitted.

                https://bugzilla.gnome.org/show_bug.cgi?id=710456
                Which gives extra credit to the RH people...

                - Gilboa
                oVirt-HV1: Intel S2600C0, 2xE5-2658V2, 128GB, 8x2TB, 4x480GB SSD, GTX1080 (to-VM), Dell U3219Q, U2415, U2412M.
                oVirt-HV2: Intel S2400GP2, 2xE5-2448L, 120GB, 8x2TB, 4x480GB SSD, GTX730 (to-VM).
                oVirt-HV3: Gigabyte B85M-HD3, E3-1245V3, 32GB, 4x1TB, 2x480GB SSD, GTX980 (to-VM).
                Devel-2: Asus H110M-K, i5-6500, 16GB, 3x1TB + 128GB-SSD, F33.

                Comment

                • #9
                  Originally posted by BO$$ View Post
                  Microsoft takes security seriously.
                  So real that they report any exploit to the NSA first, before even thinking about patching it, so that the NSA can use it to undermine Windows' security.
                  Yeah, we can see how serious they are about security.

                  Comment

                  • #10
                    Originally posted by BO$$ View Post
                    What?
                    You haven't been following the Snowden revelations?

                    Comment

                    Previous 1 2 3 template Next
                    Working...
                    X