[Bug 759815] New: gnome 3 slow keys is a denial of service attack
https://bugzilla.novell.com/show_bug.cgi?id=759815 https://bugzilla.novell.com/show_bug.cgi?id=759815#c0 Summary: gnome 3 slow keys is a denial of service attack Classification: openSUSE Product: openSUSE 12.1 Version: Final Platform: Other OS/Version: Other Status: NEW Severity: Major Priority: P5 - None Component: Security AssignedTo: security-team@suse.de ReportedBy: andi-nbz@firstfloor.org QAContact: qa-bugs@suse.de Found By: --- Blocker: --- User-Agent: Mozilla/5.0 (X11; Linux i686 on x86_64; rv:12.0) Gecko/20100101 Firefox/12.0 When you press shift too long on the gnome 3 gdm login screen it goes into "slow keys mode". There's no way to opt out or disable it again. There's no visual indication that this is active. You just cannot type anymore. It makes it nearly impossible to log in, absolutely impossible to switch console or kill the X server, and the only way to recover from it is to reboot, run in run level 3 and delete an undocumented file in /var I only found by grepping. As far as I can tell this is a denial of service attack on any locked or unlogged in system and I would consider it a security issue. In my case i had to switch consoles to login (due to the pam_mount update procedure being ahem less that perfect), so the only way out was actually a power switch. But then after the power switch that slow key DoS was still active. Reproducible: Always Steps to Reproduce: 1. press shift for a long time in gdm 2. 3. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=759815 https://bugzilla.novell.com/show_bug.cgi?id=759815#c1 Marcus Meissner <meissner@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |meissner@suse.com, | |security-team@suse.de Component|Security |GNOME AssignedTo|security-team@suse.de |bnc-team-gnome@forge.provo. | |novell.com Summary|gnome 3 slow keys is a |VUL-1: gnome 3 slow keys is |denial of service attack |a denial of service attack --- Comment #1 from Marcus Meissner <meissner@suse.com> 2012-07-04 06:18:08 UTC --- assign to gnome folks... -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=759815 https://bugzilla.novell.com/show_bug.cgi?id=759815#c2 Vincent Untz <vuntz@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |INVALID --- Comment #2 from Vincent Untz <vuntz@suse.com> 2012-07-04 06:51:59 UTC --- First, I fail to see how it's a DoS: with slow keys, you can still type. Then, you should be able to disable this by just holding shift again. See http://library.gnome.org/users/gnome-help/stable/a11y-slowkeys.html.en So unless I'm misunderstanding, this is no real bug. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=759815 https://bugzilla.novell.com/show_bug.cgi?id=759815#c3 --- Comment #3 from Andi N Kleen <andi-nbz@firstfloor.org> 2012-07-04 12:08:32 UTC --- You cannot type anything, I found it impossible to log in and there's no visual indication. For any normal user it's a reset button situation. I stand by my classification as DoS and security bug. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=759815 https://bugzilla.novell.com/show_bug.cgi?id=759815#c4 Marcus Meissner <meissner@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |REOPENED Resolution|INVALID | --- Comment #4 from Marcus Meissner <meissner@suse.com> 2012-07-05 07:13:15 UTC --- vincent? did yoyu try this yourself? -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=759815 https://bugzilla.novell.com/show_bug.cgi?id=759815#c5 Vincent Untz <vuntz@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|REOPENED |RESOLVED Resolution| |INVALID --- Comment #5 from Vincent Untz <vuntz@suse.com> 2012-07-05 07:53:33 UTC --- (In reply to comment #4)
vincent? did yoyu try this yourself?
Yes. Did you try it before reopening? :-) Here's what I see: a) if I press shift for 8-10 seconds, I get a notificaiton telling me that we're now using slow keys b) if I press the "b" key for 0.5 second, "b" will be typed (yes, that's slow keys) c) if I press shift for 8-10 seconds again, slow keys get disabled and I can type normally. Now, there's one bug which is really not a DoS in any way: the slow keys item in the accessibility icon doesn't correctly reflect the state of this option. I can still click on the option to disable slow keys, though. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=759815 https://bugzilla.novell.com/show_bug.cgi?id=759815#c6 --- Comment #6 from Vincent Untz <vuntz@suse.com> 2012-07-05 08:12:32 UTC --- Just to clarify... Andy: - if you don't get a notification, then it's another bug. We should work on that. - if pressing shift fir 8-10 seconds doesn't disable this behavior, then it's also another bug. We should work on that - if, with slow keys, you press a key for, say, 2 seconds and nothing happens, then it's yet another bug, possibly not even related to GNOME but to Xorg. This part could be considered a DoS. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@novell.com