So I have a patch that prevents the greeter from sending such bad packets to the daemon.
With this patch, the behavior looks similar, but is recoverable. Pressing Enter will still grey out the prompt box, but pressing up or down to move to a new entry will clear the prompt and still allow logging in. Also, pressing Escape will reset the prompt. So we prevent the DOS attack. To properly fix this (i.e. to present the user with a warning), liblightdm-gobject would need quite a few changes to be able to bubble such errors up (perhaps including API changes, as lightdm_greeter_respond does not seem to allow for errors). So I think this patch is all we likely want to do for 12.04. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/969023 Title: (over)filling password field makes logon difficult To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lightdm/+bug/969023/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
