Bug#798552: gdm3: password can be unmasked even after "submitting" the credentials

Raphael Geissert geissert at debian.org
Thu Sep 10 13:33:13 UTC 2015

Package: gdm3
Version: 3.14.1-7
Tags: security


The alt menu that allows the password in the login screen to be
unmasked is still available after the user has submitted their
credentials by pressing the "login" button. This could allow an
opportunistic attacker to unmask the user's password.

This could be possible whenever the PAM stack or any of the seat
handling code takes a while to do its thing (think of network
connectivity issues, some software component failing, etc). In some of
these cases it is not even possible for the user to "abort" the login
process, further increasing the feasibility of this attack.

It would be best if the password was cleared from the field as soon as
the login event was triggered.

Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
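
The behaviour reported above and the fix it proposes, side by side, as an added example that is not part of the original report and is not gdm3 or GNOME Shell code. The class, its methods and the sample passphrase are hypothetical and constructed for illustration.

```javascript
// Simplified model of a login prompt; all class and method names are
// hypothetical and do not correspond to gdm3 or GNOME Shell source code.
class LoginPrompt {
  constructor({ clearOnSubmit }) {
    this.clearOnSubmit = clearOnSubmit;
    this.fieldText = '';        // what the entry widget currently holds
    this.verifying = false;     // true while the auth backend has not answered
    this.pendingSecret = null;  // copy handed to the auth backend
  }

  type(text) {
    if (!this.verifying) this.fieldText = text;
  }

  // User presses "login": the secret goes to the (possibly slow) backend.
  submit() {
    this.pendingSecret = this.fieldText;
    this.verifying = true;
    if (this.clearOnSubmit) this.fieldText = '';  // the fix proposed in the report
  }

  // "Show text" menu action: returns what would become visible on screen.
  reveal() {
    // Hardened variant also refuses the action while verification is pending.
    if (this.clearOnSubmit && this.verifying) return null;
    return this.fieldText;
  }

  // Backend answers (success or failure); drop every copy either way.
  finish(ok) {
    this.pendingSecret = null;
    this.verifying = false;
    this.fieldText = '';
    return ok;
  }
}

// Walk one prompt through a login whose backend stalls after submit.
function revealWhilePending(prompt, secret) {
  prompt.type(secret);
  prompt.submit();
  return prompt.reveal();  // someone opens the menu while the login hangs
}

const SAMPLE = 'constructed-sample-passphrase';  // constructed test value
console.log(revealWhilePending(new LoginPrompt({ clearOnSubmit: false }), SAMPLE));
console.log(revealWhilePending(new LoginPrompt({ clearOnSubmit: true }), SAMPLE));
```
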
