expo allows bypass of screensaver

Urgh. Not again.

I'm not sure whether the problem here is with gnome-screensaver failing to grab the mouse, or what, but this is a serious problem.

Urgh, I can confirm this behavior.

The "unredirect-fullscreen-window" option does not matter it works for both disabled and enabled.

The expo shortcut key does not work so at least this is not exploitable in the default install (we don't assign expo to a mousebutton by default). I looked at the screensaver code and it looks like there is a active pointer grab when the unlock dialog is up.

The critical bit is gs-manager.c:1106 - it releases the pointer grab when the dialog comes up and re-grabs it again when the dialog goes down. Its not held while the dialog is up, otherwise the button in the unlock dialog become unclickable. The keyboard grab is still held and the key events are forwarded to the dialog via forward_key_events() in gs-window-x11.c:1151.

I just checked/confirmed that its a problem on hardy too.

I uploaded a initial version of a workaround fix. Its not elegant but should get the job done. I put it into the compiz PPA at:
"deb http://ppa.launchpad.net/compiz/ubuntu intrepid main"

version is 0.7.8-0ubuntu4.2~ppa1

Please test (both if it fixes the bug and for possible regressions/crashes) and give me feedback.

Thanks,
 Michael

thanks michael, your change appears to have fixed it for me. i can no longer activate expo while the screensaver is active. i'll be sure to post again if i find any regressions or general bugginess.

-sagar

hmm i'm not sure if this is related to your fix, but compiz has been segfaulting on my box. compiz crashes and gets replaced by metacity. then everything is fine until i do an alt+tab (in metacity) and suddenly X crashes. dmesg shows this line:

compiz.real[7849]: segfault at 1a0 ip 08069d8d sp bfa33fe0 error 4 in compiz.real[8048000+34000]

i'm not sure how to get any more info from it.

-sagar

Accepted into intrepid-proposed, please test and give feedback here. Please see https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you in advance!

Accepted into hardy-proposed, please test and give feedback here. Please see https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you in advance!

Using compiz-fusion-plugins-main package version 0.7.8-0ubuntu2.1 from Intrepid -proposed I am no longer able to recreate this bug and drag aside the screensaver.

Hi,

I have 0.7.4-0ubuntu6 already installed from hardy-proposed. I guess, a version of 0.7.4-0ubuntu6.1 is needed.

Best regards,
Whoopie

Accepted into gutsy-proposed, please test and give feedback here. Please see https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you in advance!

*really* accepting 0.7.4-0ubuntu6.1 into hardy-proposed now, sorry.

hello,
i mentioned this before in https://bugs.launchpad.net/ubuntu/+source/compiz-fusion-plugins-main/+bug/247088/comments/8 but i wasn't sure if that seg fault was due to the new package. however, i'm now getting a seg fault on my laptop as well after updating to 0.7.8-0ubuntu2.1 from intrepid-proposed. here is the line in dmesg, although i'm not sure if this is helpful at all.

compiz.real[7009]: segfault at 220 ip 00000000004233e7 sp 00007fff8c3dd750 error 4 in compiz.real[400000+3b000]

sagar

i've enabled apport and attached the crash report here.

sagarp, does the crash stop if you downgrade compiz again?

  sudo apt-get install compiz/intrepid compiz-core/intrepid compiz-gnome/intrepid compiz-plugins/intrepid

sagarp, also, if downgrading helps, can you give steps to reproduce the crash? I am not able to reproduce the crash with my intrepid machine.

sorry, i had fixed it by downgrading at the time, but then i forgot about it. now it seems like i'm running the latest version (0.7.8-0ubuntu2.1) and i no longer get random crashes. if it happens again, i'll post steps to reproducing the problem.

This bug was fixed in the package compiz-fusion-plugins-main - 0.7.8-0ubuntu2.2

---------------
compiz-fusion-plugins-main (0.7.8-0ubuntu2.2) intrepid-security; urgency=low

  * SECURITY UPDATE: do not allow move in expo mode for windows that are
    not supposed to be moved (LP: #247088)
    - debian/patches/05_fix_expo.patch: from git

 -- Michael Vogt <email address hidden> Fri, 21 Nov 2008 12:09:19 +0100

This bug was fixed in the package compiz-fusion-plugins-main - 0.7.4-0ubuntu6.2

---------------
compiz-fusion-plugins-main (0.7.4-0ubuntu6.2) hardy-security; urgency=low

  * SECURITY UPDATE: do not allow window to be moved that are not supposed
    to be moved (LP: #247088)
    - 05_fix_expo.patch: from git

 -- Michael Vogt <email address hidden> Mon, 24 Nov 2008 15:41:36 +0100

This bug was fixed in the package compiz-fusion-plugins-main - 0.5.2+git20070928-0ubuntu2.2

---------------
compiz-fusion-plugins-main (0.5.2+git20070928-0ubuntu2.2) gutsy-security; urgency=low

  * SECURITY UPDATE: do not allow move in expo mode for windows that are
    not supposed to be moved (LP: #247088)
    - debian/patches/05_fix_expo.patch: from git

 -- Michael Vogt <email address hidden> Mon, 24 Nov 2008 15:46:47 +0100

That fix doesn't prevent other windows to receive mouse events though.

compiz-fusion-plugins-main (0.7.8-0ubuntu3) jaunty; urgency=low

  * debian/patches/05_fix_expo.patch:
    - from git: do not allow move in expo mode for windows
      that are not supposed to be moved (LP: #247088)

 -- Michael Vogt <email address hidden> Fri, 21 Nov 2008 12:09:19 +0100