Closed Bug 1177373 Opened 5 years ago Closed 5 years ago

lock passcode not requested when powering up


(Firefox OS Graveyard :: Gaia::System::Lockscreen, defect)

Not set


(b2g-v2.2 unaffected, b2g-master affected)

Tracking Status
b2g-v2.2 --- unaffected
b2g-master --- affected


(Reporter: jya, Unassigned)


(Keywords: dogfood, regression, sec-high, Whiteboard: [bzlite])

User-Agent: Mozilla/5.0 (Mobile; rv:41.0) Gecko/41.0 Firefox/41.0

Phone battery was flat and phone turned off. After charging and restarting it, I wasn't prompted for my password when I unlocked the screen. 

So anyone can access the phone, even if passcode is enabled
Note: if you reboot the phone, the passcode should appear as per expected.

QA Wanted : please check flame : flash phone, set passcode, turn off and turn on, unlock and see.

This might be a dup of bug 1173284?
Keywords: qawanted
not sure if it's an important detail or not. But I didn't voluntarily turn off the phone. It turned off by itself after it ran out of battery
Ok, I can reproduce it by simply turning off the phone and then back on.
I was able to reproduce this issue on Flame 3.0. Repro rate is 5/5. Note that as soon as phone restarts, you have to unlock it before it falls asleep again; the passcode screen will appear if the screen had been turned off either manually or by timing out after rebooting.

Device: Flame (full flashed, 319MB, KK)
BuildID: 20150626010205
Gaia: 038e917076271d304b906a41b4de670e505c67ae
Gecko: bbc26cc168c7
Gonk: a4f6f31d1fe213ac935ca8ede7d05e47324101a4
Version: 41.0a1 (3.0 Master) 
Firmware Version: v18D-1
User Agent: Mozilla/5.0 (Mobile; rv:41.0) Gecko/41.0 Firefox/41.0


This issue does NOT reproduce on Flame 2.2. Rebooting phone and immediately unlocking it shows the passcode screen. Bug repro rate: 0/3.

Device: Flame (full flashed, 319MB, KK)
BuildID: 20150626002504
Gaia: 1f8981d7872e3c0053571c26fb3edaf401844d75
Gecko: 2f8b845e5fa3
Gonk: bd9cb3af2a0354577a6903917bc826489050b40d
Version: 37.0 (2.2) 
Firmware Version: v18D-1
User Agent: Mozilla/5.0 (Mobile; rv:37.0) Gecko/37.0 Firefox/37.0
QA Whiteboard: [QAnalyst-Triage?]
Flags: needinfo?(ktucker)
Keywords: qawantedregression
QA Whiteboard: [QAnalyst-Triage?] → [QAnalyst-Triage+]
Flags: needinfo?(ktucker)
Closed: 5 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: CVE-2015-8511
Group: b2g-core-security
Component: Gaia::Feedback → Gaia::System::Lockscreen
Keywords: sec-critical
Group: b2g-core-security
You need to log in before you can comment on or make changes to this bug.