Broken lockscreen on multi-monitor setup #9

Open
jake770321 opened this issue Oct 29, 2022 · 23 comments
Labels
bug Something isn't working security verified Verified bug.

Comments

@jake770321

jake770321 commented Oct 29, 2022

Description

Lock screen is easily bypassed by switching off the main monitor in a multi monitor setup

Budgie version

10.6.4

Operating system

Solus 4.3 Fortitude

Steps to reproduce the issue

  1. Have 2 monitors plugged in and switched on.
  2. Lock the screen
  3. Turn off the main monitor.

Actual result

Lock screen is now bypassed on the 2nd monitor.

Expected result

Screen should stay locked regardless of monitor setup

@fossfreedom fossfreedom transferred this issue from BuddiesOfBudgie/budgie-desktop Oct 29, 2022
@serebit serebit added bug Something isn't working security labels Oct 29, 2022
@serebit
Member

serebit commented Oct 30, 2022

I've attempted to reproduce this on Endeavour with an AMD+AMD laptop, and wasn't able to do so. @EbonJaeger is going to attempt to reproduce on Solus, but in the meantime, the following would help:

  • What GPU do you have?
  • What GPU drivers are you using (proprietary or open-source, and what version)
  • What type of connection are you using between the monitor and system? USB-C, DisplayPort, HDMI, etc
  • Does anything show up in the logs when this happens on your system, like in journald?

Any other info you think might be appropriate to provide would be appreciated as well.

@jake770321
Author

jake770321 commented Oct 30, 2022

GPU: RTX 3060Ti
Drivers: Proprietary (520.56.06)
Connection: DisplayPort + DisplayPort but got the same result when switching to DisplayPort + HDMI. (Probably unrelated but I was getting complete system freezes when waking the system using DisplayPort + DisplayPort. Switching to HDMI on one of the monitors seems to have fixed it but still causes the lockscreen to break)
(Will check to see if anything shows up in logs as soon as I can)

The lock screen reappears once the main monitor is switched back on. Don't know if it'd produce the same result but it might be worth trying to reproduce this by unplugging the display cable or monitor power cable from the main monitor.

@serebit
Member

serebit commented Oct 31, 2022

And just so we're on the same page, when the main monitor is turned off, you can interact with the desktop, open files and applications, etc, before it's turned back on and the dialog reappears?

@jake770321
Author

jake770321 commented Oct 31, 2022

It seems so, yes. I only tried using the browser but it worked as if the PC was unlocked. Might not have access to my computer for around a week so I will troubleshoot some more and report back as soon as I am able.

@EbonJaeger
Member

Solus 4.3 Fortitude
Intel® Core™ i5-6400
AMD Radeon™ RX 560 Series

I also cannot reproduce this issue. Locking the screen and then turning the main monitor off keeps the system locked.

@fossfreedom
Contributor

Copy paste of a user who reported the same issue on UB. Seems specific to HDMI?

INTRODUCTION
-----------------------
In this preliminary report I will detail the discovery of a vulnerability with potentially high impact which, with local access to the computer, allows bypassing the authentication inside a system with kernel version "Linux budgie 5.13.0-30-generic" and operating system "Ubuntu Budgie 21.10 impish" by using only an HDMI cable.

Once access is gained, we can run commands in the command terminal or browse the system files with the privileges of the last user who locked or suspended the computer.

I don't know if it is possible to apply it to other Ubuntu variants or other different kernel versions.

REQUIREMENTS
------------------------

Operating system: Ubuntu Budgie 21.10 impish
Kernel: Linux budgie 5.13.0-30-generic
Equipment: A laptop and an external monitor. The laptop is connected via HDMI cable to the monitor. The monitor is configured as the main screen and in "join displays" or "extended" mode.

METHODOLOGY
-----------------------

First, we will turn on the laptop and then, we will log in with any user. Once we have logged in we must lock or suspend the system.

Note that once suspended or locked, if we want to unlock it, it will ask for the user's password again. What we will do is simply disconnect the HDMI cable and we will automatically have access to the user's desktop without having to enter the password again.

In case it does not allow us to use the keyboard, it will be enough to connect and disconnect the HDMI cable for it to work again. There may also be display errors if we start the browser or other applications, but it allows us to perform operations such as executing commands or browse and display file explorer content without any problem.

I leave attached a video showing the complete procedure:
https://www.youtube.com/watch?v=cdtbfSj8SUI

I leave attached this same report but in PDF improved format:

English: https://raw.githubusercontent.com/geosysadmin/personal/main/vulnerability_report_authentication_bypass_ubuntu_budgie_en.pdf


SPECIFICATIONS OF MY COMPUTER:

Operating system: Ubuntu Budgie 21.10 impish
Kernel: Linux budgie 5.13.0-30-generic
Model: LENOVO 20YGCTO1WWW

@fossfreedom
Contributor

Another user reported these steps but didn't mention hdmi

Steps:

  1. Laptop is closed but not turned off so just sleeping
  2. Opening laptop and shows login window
  3. Instead of entering password I plug in the second monitor
  4. This bypasses the login screen somehow and I can use the laptop normally

This doesn't always work but I can replicate it 4 out of 5 times for sure.

@fossfreedom
Contributor

And another user ... variation on actions

In 22.04 I observe a similar and reproducible issue: with the external monitor connected and the desktop locked, simply turn off or disconnect the monitor and the desktop will be unlocked on the laptop monitor. I often find the desktop unlocked because the external monitor goes to sleep.

@jake770321
Author

jake770321 commented Nov 11, 2022

I have tried using an HDMI cable on the main monitor and a DisplayPort cable on the 2nd monitor (and vice versa) and got the same result. I would've tested with both monitors using HDMI but I only have a single HDMI cable and I also don't think the type of cable used matters here. Some things that I would like to clarify/correct are:

  1. Keyboard input is not registered when the lockscreen is bypassed. I was unable to get the keyboard to work by following the steps in Broken lockscreen on multi-monitor setup #9 (comment) but I am not using a laptop so that might be why. I tried the onscreen keyboard and was unable to get that to work also.
  2. Right click works in the browser but not in the file manager (Nautilus) but I am still able to open/move files in Nautilus and access tabs/extensions (including my unlocked password manager) in Firefox.
  3. The budgie menu doesn't close automatically when clicking on any other part of the screen and has to be closed manually. (When the lockscreen is bypassed)
  4. Nothing seems to show up in journald when the lockscreen is bypassed.

Please let me know if there's anything else you need from me ASAP as this bug makes budgie unusable for me and I'll soon be switching to something else for the time being.

@serebit
Member

serebit commented Nov 11, 2022

Does this still happen with the newest release (v5.1.0)?

@jake770321
Author

5.0.2-22 seems to be the latest available version on Solus. What would be the best way of trying out a newer version?

@serebit
Member

serebit commented Nov 11, 2022

Wait for the next sync from unstable to stable. Should be sometime tomorrow if memory serves - check for updates and see if budgie-screensaver is in the list of packages to update.

@EbonJaeger
Member

EbonJaeger commented Nov 11, 2022

Sync is delayed this week on Solus due to the LTS kernel moving to 5.15.

You can try to install the package from here directly:
sudo eopkg it http://mirror.rit.edu/solus/packages/unstable/b/budgie-screensaver/budgie-screensaver-5.1.0-23-1-x86_64.eopkg

I'm not sure if anything it depends on has been updated as well.

@jake770321
Author

Have tried now with 5.1.0 and still the same issue

@Gabb1995

Gabb1995 commented Jan 13, 2023

Another user reported these steps but didn't mention hdmi

Steps:

1. Laptop is closed but not turned off so just sleeping

2. Opening laptop and shows login window

3. Instead of entering password I plug in the second monitor

4. This bypasses the login screen somehow and I can use the laptop normally

This doesn't always work but I can replicate it 4 out of 5 times for sure.

This was me and yes I was using HDMI.

FYI on 22.04.1 LTS I am not getting this issue anymore. If you need any more details about versions etc let me know.

@jake770321
Author

I have since switched over to endeavourOS and it still seems to be a problem unfortunately

@ur5us

ur5us commented Aug 7, 2023

See my #24 for yet another report on this.

@presianbg

This bug is manifesting more often lately, do not know the exact cause.
My workaround is to switch to tty -> kill budgie-screensaver, but then my monitors are being turned off every few seconds of inactivity.

Is there a way to just restart the budgie-screensaver or disable it, but keep the lockscreen?

System info:
Solus (up-to-date)
DE: Budgie
Monitors: 3 (laptop with docking station).

Cheers,
PY

@JoshStrobl
Member

@presianbg budgie-screensaver is the lockscreen.

@cosmic-zip

I think we should open another issue, because this one is going to be 2 years old.

Hi, it's April 2024 and this bug exists.
I can consistently reproduce this bug all day.
I have also made a video and posted it on the Solus Matrix, with the same MO:

  1. lock the screen with two monitors.
  2. remove the HDMI cable.
  3. enjoy unlocked laptop screen.

https://matrix.to/#/!cFrsUIXgnOUewzIvYb:matrix.org/$uZ0hHx5i5PquQDa_gbm3JpasZVO7S2KbBfrJ20b3aKs?via=matrix.org&via=4d2.org&via=riot.anarchyplanet.org

Host: Lenovo ideapad 330-15IKB
OS: the latest version of Solus 4.5 Resilience updated today.
CPU: Intel i3-7020U (4) @ 2.300GHz
GPU: Intel HD Graphics 620
RAM: 8GB
SSD: 120GB SATA
Resolution: 1920x1080, 2560x1080
DE: Budgie 10.9.1

@cosmic-zip

BTW

main@wired $ budgie-screensaver --debug

[gs_debug_init] ../src/gs-debug.c:106 (15:32:26): Debugging enabled
[main] ../src/gnome-screensaver.c:118 (15:32:26): initializing budgie-screensaver 5.1.0
[query_session_id] ../src/gs-listener-dbus.c:1437 (15:32:26):

Couldn't determine our own session id: No data available

[init_session_id] ../src/gs-listener-dbus.c:1484 (15:32:26): Got session-id: (null)
[gs_fade_init] ../src/gs-fade.c:919 (15:32:26): Fade type: 3
[set_status] ../src/gs-watcher-x11.c:341 (15:32:26): GSWatcher: not active, ignoring status changes
[gs_manager_set_lock_enabled] ../src/gs-manager.c:160 (15:32:26): GSManager: lock-enabled=1
[gs_watcher_set_active] ../src/gs-watcher-x11.c:272 (15:32:26): turning watcher: ON
[listener_dbus_handle_system_message] ../src/gs-listener-dbus.c:849 (15:32:26): obj_path=/org/freedesktop/DBus interface=org.freedesktop.DBus method=NameAcquired destination=:1.518
[on_bg_changed] ../src/gs-manager.c:548 (15:32:26): background changed

@larvel

larvel commented May 3, 2024

I can confirm this was still an issue in Ubuntu Budgie 22.04 and also in 24.04. Swapping desktop environment to ubuntu-gnome-desktop solved the issue for me. I am using a Dell dock with USB-C connected to the computer. Both screens are connected to the dock using USB-C.

OS: Ubuntu 24.04 LTS x86_64
Host: Dell Precision 5540

@serebit serebit added the verified Verified bug. label May 3, 2024
@cr1cr1

cr1cr1 commented Sep 8, 2024

Also have this issue. version 5.1.0, single active monitor, but a second one connected via HDMI.
