I got more or less shocked today while I was making an extra account for private use. This is where I'm going to work with very personal and private data about me and my work, so if I need to go away from the computer, I'll either lock the session or switch to my default account until I get back. Or Especially if someone needs to access my computer for a short while.
While either locking the screen/session, or switching between the accounts, normally you should see a completely black screen with only the password prompt window in the middle. This I remember from Gnome/Ubuntu.
In KDE/Kubuntu, sometimes a bug hits the system so the screen of the session that you're about to log back into reveals the whole desktop in the background, and some corrupt graphics is shown around the login and password field. There's no problem logging back in again, but man, anyone can just give that a try, and even without a password, they'll get a perfect glance of the active desktop while the password is being prompted; this could reveal every open document on that desktop.
I'm pretty sure that this is a bug in KDE/Kubuntu, since this is related to the KDE lockout/user switch session manager only. I actually did like KDE/Kubuntu a lot; until I discovered this flaw. I can live with bugs here and there, but this is actually a major security breach in a multiuser environment; at least if you care about and need your privacy.
But before I ditch it for Gnome and get back to the good old and boring Ubuntu again, I'd like to have some opinions about this and check if this could be solved in any way. As I said, I wold like to stay and use KDE/Kubuntu, but not with this security flaw hanging over me like a ghost!
Thanks for understanding!
While either locking the screen/session, or switching between the accounts, normally you should see a completely black screen with only the password prompt window in the middle. This I remember from Gnome/Ubuntu.
In KDE/Kubuntu, sometimes a bug hits the system so the screen of the session that you're about to log back into reveals the whole desktop in the background, and some corrupt graphics is shown around the login and password field. There's no problem logging back in again, but man, anyone can just give that a try, and even without a password, they'll get a perfect glance of the active desktop while the password is being prompted; this could reveal every open document on that desktop.
I'm pretty sure that this is a bug in KDE/Kubuntu, since this is related to the KDE lockout/user switch session manager only. I actually did like KDE/Kubuntu a lot; until I discovered this flaw. I can live with bugs here and there, but this is actually a major security breach in a multiuser environment; at least if you care about and need your privacy.
But before I ditch it for Gnome and get back to the good old and boring Ubuntu again, I'd like to have some opinions about this and check if this could be solved in any way. As I said, I wold like to stay and use KDE/Kubuntu, but not with this security flaw hanging over me like a ghost!
Thanks for understanding!
Comment