Public bug reported:
I've found that most of user authentication programs that used in Ubuntu is
pkexec. The problem is that this program do not lock the keyboard (while gksu
does).
For example, the program xneur (analog of puntoswitcher) can log keystrokes.
And when I turn on this option, I found my password used to authenticate
applications in this log (this password can be used to get access to root).
** Affects: policykit-1 (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/917612
Title:
Easy keylogging of user password
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/policykit-1/+bug/917612/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
