[Bug 280051] New: focus stealing allows keystroke hijacking
bkorb at gnu.org
bkorb at gnu.org
Sat Aug 13 23:27:36 BST 2011
https://bugs.kde.org/show_bug.cgi?id=280051
Summary: focus stealing allows keystroke hijacking
Product: kde
Version: 4.7
Platform: openSUSE RPMs
OS/Version: Linux
Status: UNCONFIRMED
Severity: major
Priority: NOR
Component: general
AssignedTo: unassigned-bugs at kde.org
ReportedBy: bkorb at gnu.org
Version: 4.7 (using KDE 4.7.0)
OS: Linux
RE: Bug 80897
Since that bug is listed as a "wish list" and since the problem is a security
issue, either that bug needs to be re-interpreted as a severe bug or else a
severe bug needs to be raised as the severe problem. Focus stealing is not a
wish list item.
Reproducible: Always
Steps to Reproduce:
1. fire up a key logger program under some sort of delay.
2. Log in to your financial institution. Time it so you
are typing your password when #1 wakes up and steals focus
Alternatively:
1. spend all day working on some document
2. have a popup steal a few keystrokes
3. let the remaining keystrokes in the buffer mean,
"quit now and discard everything"
The first has never happened to me, but the latter *almost* has.
Actual Results:
I swallow my heart back down out of my throat and do the right thing.
Expected Results:
I expect my keystrokes to arrive at the window that was under focus when I
started typing them and not delivered to some popup. I also do not expect
focus stealing to move my current desktop to another one.
It's been 7 years now since the issue was raised. It is not a trivial issue.
It is important. Thank you.
--
Configure bugmail: https://bugs.kde.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the Unassigned-bugs
mailing list