See, I've grown less and less fond of Ubuntu as time has gone onward and incidents like this just don't help things.

TL;DR: Big ole custom patch in GDM allows root access to systems.
Darvond: See, I've grown less and less fond of Ubuntu as time has gone onward and incidents like this just don't help things.

TL;DR: Big ole custom patch in GDM allows root access to systems.
Afraid your girlfriend will p0wn your rig while you're away?
SHOCK! HORROR! Another exploit that in no (realistic) way affects desktop users (and probably most corporate ones as well).
Post edited November 11, 2020 by osm
I'll quote a very sensible remark from the original article:
I have recently spent quite a bit of time looking for security vulnerabilities in Ubuntu’s system services, and it has mostly been an exercise in frustration. I have found (and reported) a few issues, but the majority have been low severity. Ubuntu is open source, which means that many people have looked at the source code before me, and it seems like all the easy bugs have already been found.

Also from it:
Exploitation steps
First, open a terminal

lol. enjoy your sad sensationalism
Hot take: policykit/polkit should've never existed. (Same for gdm and all this other garbage though, bloat designed by and for windows/mac lovers)

Just a couple weeks ago I was thinking of switching to a different distro because I don't want to see polkit (and other nonsense) on my system. Still haven't made up my mind. I feel like nobody's making distros with good taste, maybe I have to roll my own.

And what the actual heck? Polkit depends on.. mozjs! So some webshit can configure their sudo-for-systemd in javascript. Goodness gracious, I don't want to have anything to do with modern linux desktops.
Post edited November 11, 2020 by clarry
Is Mint a derivative? Does it affect derivatives?
clarry: for windows lovers
*humps his gaming rig* Yeah, baby! =P

Honestly, people like me who have absolutely no problems with Win10/macOS probably don't give two shits about what's happening in Linux-land. *shrug* Really odd comment to make.
Post edited November 11, 2020 by Mr.Mumbles
clarry: for windows lovers
Mr.Mumbles: *humps his gaming rig* Yeah, baby! =P

Honestly, people like me who have absolutely no problems with Win10/macOS probably don't give two shits about what's happening in Linux-land. *shrug* Really odd comment to make.
ewwwww clean up
I used to be a big-time Windows 3.1 hacker (or was it 3.11, not quite sure).

When my friend's Windows 3.1 computer screen saver was running, I moved the mouse so that the password window popped up, and then I dragged that password window to the very bottom right corner of the screen so that only one pixel was visible from the window, at the very bottom right corner.

Then when my friend came to his computer and moved the mouse in order to see the password prompt screen, he saw nothing as it was hidden almost completely outside the screen.

He was like WTF and I was like LOL.
Post edited November 11, 2020 by timppu
MaceyNeil: Is Mint a derivative? Does it affect derivatives?
On my Mint/Cinnamon machine, the gdm3 package isn't installed.
timppu: I used to be a big-time Windows 3.1 hacker (or was it 3.11, not quite sure).

When my friend's Windows 3.1 computer screen saver was running, I moved the mouse so that the password window popped up, and then I dragged that password window to the very bottom right corner of the screen so that only one pixel was visible from the window, at the very bottom right corner.

Then when my friend came to his computer and moved the mouse in order to see the password prompt screen, he saw nothing as it was hidden almost completely outside the screen.

He was like WTF and I was like LOL.
On the other hand, Windows 3.1 and Mac OS <= 9 are probably among the safest systems you can use today. While they have no concept of security whatsoever, it's also the case that no one writing exploits targets them.
Post edited November 11, 2020 by Maighstir
MaceyNeil: Is Mint a derivative? Does it affect derivatives?
I like to explain it like this: Ubuntu is the leftovers of Debian LTS and Mint is the table scraps of Ubuntu LTS.

So yes, unless you do the sensible thing and toss out GDM.
Post edited November 11, 2020 by Darvond
Maighstir: it's also the case that no one writing exploits targets them.
Have you not read timppu's post?
timppu: I used to be a big-time Windows 3.1 hacker (or was it 3.11, not quite sure).

When my friend's Windows 3.1 computer screen saver was running, I moved the mouse so that the password window popped up, and then I dragged that password window to the very bottom right corner of the screen so that only one pixel was visible from the window, at the very bottom right corner.

Then when my friend came to his computer and moved the mouse in order to see the password prompt screen, he saw nothing as it was hidden almost completely outside the screen.

He was like WTF and I was like LOL.
Actually, that does remind me of how Windows versions up to XP had paperweight security; you could just spawn an explorer or any number of similar things to get past a login prompt.
Maighstir: it's also the case that no one writing exploits targets them.
ZFR: Have you not read timppu's post?
Who cares? Even I don't read my own posts.
Maighstir: it's also the case that no one writing exploits targets them.
ZFR: Have you not read timppu's post?
I did. Any password screen in those days was pretty much a smoke screen, easier to bypass by not typing the password than actually doing so.