344934 – After resume, desktop is shortly visible before screenlocker prompts for password

Bug 344934 - After resume, desktop is shortly visible before screenlocker prompts for password

Summary: After resume, desktop is shortly visible before screenlocker prompts for pass...

Status:	RESOLVED WORKSFORME

Alias:	None

Product:	ksmserver
Classification:	Plasma
Component:	lockscreen (show other bugs)
Version:	4.11.10
Platform:	Fedora RPMs Linux

Importance:	NOR normal
Target Milestone:	---
Assignee:	David Edmundson

URL:
Keywords:

Depends on:
Blocks:

Reported:	2015-03-07 09:13 UTC by Éric Brunet
Modified:	2015-05-19 08:05 UTC (History)
CC List:	1 user (show)

See Also:
Latest Commit:
Version Fixed In:

Attachments
Add an attachment

Note You need to log in before you can comment on or make changes to this bug.

Description Éric Brunet 2015-03-07 09:13:35 UTC

This is a privacy problem concerning suspend/resume.

* What is expected: when I resume the computer, I see the locked screen prompting me for a password.
* What actually happens: when I resume the computer, I see my desktop for a variable amount of time (between 0 and 1 second), and then the locked screen appears prompting for a password.

This means that someone opening my suspended computer can get a glimpse of what I am doing, even take a photo of my desktop without knowing my password. This could be a very problematic privacy issue. Powerdevil should make sure the screen locker had time to display its image, or it should blank the screen in some way before suspending the system.

Sysytem is an up-to-date Fedora 21. kde version is 4.14.4 (which is not proposed by the bug tracking system). In case it is relevant, I am using kdm as login manager, and I have a custom theme for the locked screen (I just copied a theme and changed the background image).

Important point: it was working perfectly well on Fedora 20. The problem appeared when I upgraded to F21. 

I couldn't find anything obviously related to the screen locker in the proposed list of kde components, so I classified this as a general kde bug. Sorry about that. 

Reproducible: Always

Comment 1 Christoph Feck 2015-03-07 18:56:14 UTC


*** This bug has been marked as a duplicate of bug 344427 ***

Comment 2 Éric Brunet 2015-03-07 20:50:41 UTC

I am sorry, I fail to see why this is a duplicate of bug 344427: one is about plasma 5, the other is about kde 4.14. In bug 344427 it is mentionned that "kwin breaks" and that "even though the screen is locked, I can still see data" suggesting that the data can be seen for any amount of time. In the current bug, no program breaks, the system is fully usable and the data can only be read for a short amount time.

Or did I misread the description of 344427 ? In doubt, I don't change yet the status of this bug.

Comment 3 Christoph Feck 2015-03-15 22:21:06 UTC

Okey, maybe I misunderstood.

Comment 4 Martin Flöser 2015-05-19 08:05:19 UTC

In Plasma 5 we have improved the interaction to ensure that the screen is properly locked when resuming from suspend by interacting with Logind. As that is a new feature it won't be backported to 4.x any more. I'm sorry that we were not able to fix this issue for 4.x.

As it's fixed in 5.x I consider this as a worksforme.