Closed
Bug 54267
Opened 24 years ago
Closed 23 years ago
Linux: users can deny PSM to other users
Categories
(Core :: Security: PSM, defect, P3)
Tracking
()
VERIFIED
WONTFIX
People
(Reporter: tenthumbs, Assigned: ddrinan0264)
Details
Since PSM uses unix-domain sockets on Linux and it uses fixed names it is possible for userA to create /tmp/.nsmc-$userBuid and userB cannot user PSM because userB's Mozilla can neither remove the file nor create a socket with another name. Very bad.
Here are some possible fixes. they all have problems of one kind or another. 1) Put the socket in the user's profile directory. That won't work because struct sockaddr_un only has space for 104 bytes worh of path name. The user's profile might well be deeper. 2) Pass a temp name as a commmand line argument to psm. The bad part is that the name would be visible to a "ls." The good part is that the old Mozilla Classic, nee 4.x, dns helper app has functioning code to get around this. 3) Pass a temp name in an environment variable. That would be visible in /proc but only to the user and root. 4) Use socketpair. I have no idea how portable this would be but it does work on Linux. It would mean changing the way psm starts (I think) but it might be worth it.
Version: 1.01 → 1.2
Comment 4•23 years ago
|
||
Marking wontfix. This no longer seems to be a problem with PSM 2.0.
Status: NEW → RESOLVED
Closed: 23 years ago
Resolution: --- → WONTFIX
Comment 5•23 years ago
|
||
then it shoudl be marked fixed.
You need to log in
before you can comment on or make changes to this bug.
Description
•