Bug 901586

Summary: pKill -9 gnome-shell allow one to log on the computer without entering password
Product: [Fedora] Fedora Reporter: Raphaël Flores <raf64flo>
Component: gnome-shellAssignee: Owen Taylor <otaylor>
Status: CLOSED NOTABUG QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: urgent Docs Contact:
Priority: unspecified    
Version: 18CC: admiller, fmuellner, otaylor, samkraju, tiagomatos, walters
Target Milestone: ---   
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2013-01-27 16:51:38 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Raphaël Flores 2013-01-18 15:13:19 UTC 
User-Agent:       Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20100101 Firefox/17.0
Build Identifier: 

Description of problem:
If TTY terminal is already logged in, anyone having physical access to the keyboard can bypass the lock screen.

Version-Release number of selected component (if applicable):
Fedora 18
GNOME Shell 3.6.2

How reproducible:
Login tty2, come back to graphical session (TTY1), lock screen, kill gnome-shell session, restart it specifying correct display, comme back to TTY1, you're logged.

Reproducible: Always

Steps to Reproduce:
1. Log in gnome-shell session at startup
2. Go to TTY2 (Ctrl+Alt+F2), log same user
3. Come back to TTY1 (Ctrl+Alt+F1)
4. Lock screen (Ctrl+Alt+l)
5. Go back to TTY2 and execute following command:
  $ pkill -9 gnome-shell && /usr/bin/gnome-shell -r -d :0
6. Come back to TTY1

Actual Results:  
I've bypassed the lock screen and got logged in.

Expected Results:  
Should come back on locked screen.

This bug is conditionned to user misattention but in some case, if TTY2 is already logged in, anyone can access to the graphical session. I believe this is a severe security issue.
Comment 1 Rui Matos 2013-01-27 16:51:38 UTC 
As mentioned by Giovanni in gnome's bugzilla this isn't a bug.