Created attachment 128029 [details] Bug Screenshot SUMMARY The background of a notification will "bleed" into the lock screen, especially if the notification has blurred or glass effects. PRE-REQUISITES FOR REPRODUCING: 1. Noticed predominantly with a glass theme, especially with blurred effects. 2. Using a theme called "OxygenDymAero7." 3. Noticed on KDE Wayland session. STEPS TO REPRODUCE 1. Lock the screen 2. Trigger a notification, such as an update being available. The order of the steps do not appear to matter. OBSERVED RESULT A section of the lock screen will either be blurred or display an appreciable portion of the background effect used by the window. EXPECTED RESULT The lock screen should NOT give away the positions or contents of ANY window. This is a security issue and may also be the root of other potential information leaks in other circumstances. SOFTWARE/OS VERSIONS Linux/KDE Plasma: Fedora Workstation 32 (available in About System) KDE Plasma Version: 5.18.3 KDE Frameworks Version: 5.68.0 Qt Version: 5.13.2 ADDITIONAL INFORMATION KDE Wayland session. Unknown if this is related to just KWin (Wayland) or if there are other components at play.
Just to make sure I understand, you see the blur effect on the lockscreen, but not the contents of the notification itself?
(In reply to David Edmundson from comment #1) > Just to make sure I understand, you see the blur effect on the lockscreen, > but not the contents of the notification itself? That is correct. The blur effect matches the exact position and outline of the notification.
We could disable background contrast and blur effect when the screen is locked, but I don't understand why notifications are painted about the lockscreen window in the first place.
Argh, the lockscreen window is placed below notifications so it kind of makes sense.
(In reply to Vlad Zahorodnii from comment #4) > Argh, the lockscreen window is placed below notifications so it kind of > makes sense. Funny you should mention that, I did notice that if there were multiple notifications on the screen (eg. multiple update failures or some other things) this often only occurred with just one notification window.
(In reply to AK-47 from comment #5) > (In reply to Vlad Zahorodnii from comment #4) > > Argh, the lockscreen window is placed below notifications so it kind of > > makes sense. > Funny you should mention that, I did notice that if there were multiple > notifications on the screen (eg. multiple update failures or some other > things) this often only occurred with just one notification window. To clarify, it would occur with one of the multiple windows, usually the one in the highest position.
Git commit 6f8b8efb338117ee197092e46b25b489b612257d by Vlad Zahorodnii. Committed on 11/05/2020 at 11:21. Pushed by vladz into branch 'Plasma/5.18'. [wayland] Place lockscreen greeter above other windows Summary: BUG: 420802 Reviewers: #kwin, davidedmundson Reviewed By: #kwin, davidedmundson Subscribers: apol, kwin Tags: #kwin Differential Revision: https://phabricator.kde.org/D29523 M +2 -0 abstract_client.cpp M +19 -0 autotests/integration/lockscreen.cpp https://commits.kde.org/kwin/6f8b8efb338117ee197092e46b25b489b612257d