Bug 118541

Summary: Vulnerability after resume from suspend
Product: [openSUSE] SUSE LINUX 10.0 Reporter: Beau Steward <nimdae>
Component: SecurityAssignee: Security Team bot <security-team>
Status: RESOLVED DUPLICATE QA Contact: E-mail List <qa-bugs>
Severity: Major    
Priority: P5 - None    
Version: RC 1   
Target Milestone: ---   
Hardware: x86-64   
OS: All   
Whiteboard:
Found By: Other Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Beau Steward 2005-09-23 07:20:32 UTC 
In testing suspend to disk and resume, I've discovered that the console is 
locked AFTER resuming rather than BEFORE suspending. If resuming can be slowed, 
such as not allowing a throttled cpu to speed up, the unlock dialog can be 
delayed long enough to disclose information or execute commands. This is only 
locally exploitable. I have been able to reproduce this numerous times to reboot 
my laptop by bringing up a konsole, switching to root, and typing reboot before 
I was prompted to unlock the session.
Comment 1 Marcus Meissner 2005-09-23 08:09:57 UTC 
known problem ... due to some design reasons we hopefully can address. 
 
Thanks! 

*** This bug has been marked as a duplicate of 115123 ***