Closed
Bug 93847
Opened 23 years ago
Closed 23 years ago
Poor security in file downloading.
Categories
(SeaMonkey :: UI Design, defect)
Tracking
(Not tracked)
People
(Reporter: dan, Assigned: neeti)
Details
From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.3) Gecko/20010801 BuildID: 2001080104 When downloading a file, the file is saved first to /tmp, then moved to your location of choice. There are two problems with this... First, the file is created mode 0644. This means that while your file is downloading, anyone can read your file. Second, if you've chosen a save location that you don't have write permission to, your file will remain in /tmp, mode 0644, without any warning or indication that the file couldn't be saved where you wanted it. Also, when choosing a location to save, directory names that begin with a dot don't show up in the directory listing. I know these are suposed to be "hidden" files, however, Netscape did show them. Reproducible: Always Steps to Reproduce: 1.Select a file to download. 2.Download it to a directory you don't have permission to write to.
|
||
Comment 1•23 years ago
|
||
*** This bug has been marked as a duplicate of 55690 ***
Status: UNCONFIRMED → RESOLVED
Closed: 23 years ago
Resolution: --- → DUPLICATE
VERIFIED: same problem -> xpapps + qa.
Status: RESOLVED → VERIFIED
Component: Networking → XP Apps
QA Contact: benc → sairuh
|
||
Updated•20 years ago
|
Product: Core → Mozilla Application Suite
You need to log in
before you can comment on or make changes to this bug.
Description
•