These days we have all heard about the WannaCry virus or ransomware, a malware that has put everyone and their companies in check. For Ubuntu it is not a problem or for its users, but Ubuntu is no stranger to these types of problems and has recently shown a serious security problem.
This serious problem allows any person in a physical way can access the private sessions and thereby access private files and computer resources.
Fortunately this bug in LightDM already has its correction and a recent update will allow us to be safe and protected again. Interestingly, this bug only affects versions 16.10 and 17.04, versions that have systemd. And it seems that some of the packages used in this transition to systemd is the culprit of this security hole.
In addition, the problem is not as serious as in other operating systems since the user has to be present in front of the computer to be able to carry out this hack, that is, remotely abuse of security is not possible.
The update that corrects this bug is currently being distributed, but if you have not received it yet or you do not want to install it but you want to have access to guest users again, you just have to edit the LightDM configuration file. So we open a terminal and write the following:
sudo gedit /etc/lightdm/lightdm.conf
And we write the following:
# Manually enable guest sessions despite them not being confined # IMPORTANT: Makes the system vulnerable to CVE-2017-8900 # https://bugs.launchpad.net/bugs/1663157 [Seat:*] allow-guest=true
We save the file and restart the computer for the changes to take effect. Unlike other operating systems, Ubuntu and its Community make the operating system is useful and safe for everyone and if there is a problem, it will be quickly corrected by updating.
Various errors I found
The update is scarier haha
I continue with version 16.04 and I have no problem, so if I do not recommend updating the kernel to the new version, it has a small bug for graphics
From then on, it seems very stable to me and surely do not update until the version with genome comes out and how it behaves
Well just the next day they sent the patch and ready an update quickly and without delay, although I never suffered any errors but hey it never hurts. regards
It's not for nothing but 16.04 also has systemd, 14.04 is the one that doesn't.
In debian8 yesterday I updated "login" and "passwd", I suppose this bug also affected it.