1205598 - Print preview doesn't honor Private Browsing Mode and writes to /tmp

Status: NEW

(Firefox :: Private Browsing, defect, P3)

Description

[intrigeri]

User Agent: Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101 Firefox/38.0
Build ID: 20100101

Steps to reproduce:

1. Start Tails 1.5.1
2. Start Tor Browser (which is given its own $TMPDIR and hasn't access to /tmp)
3. Open the print preview dialog in Tails 1.5.1: open menu via sandwidch icon -> Print.


Actual results:

The print preview is empty (gray background only), and the AppArmor logs show that Firefox has tried to create a file in /tmp (e.g. /tmp/tmpfY7kKdS).


Expected results:

A print preview should be displayed.

Background: on Tails, for application isolation we have an AppArmor policy that blocks access to /tmp for the web browser (Tor Browser, that is Firefox + some patches). So, we give the browser its own temporary directory and we have a wrapper around the brower that exports $TMPDIR accordingly. 

I would expect that the print preview functionality honors $TMPDIR, and works even if /tmp is not accessible read-write.

Comment 1

[Georg Koppen]

I think we should make the stronger claim that the print preview should not write to disk in the first place if Private Browsing Mode is activated.

Comment 2

[Georg Koppen]

And /tmp is even not cleaned up afterwards (i.e. when the browser gets closed) it seems.

Comment 3

[MSvB]

There have been similar leaking to TMPDIR problems, like the one I solved in 1123480. Might be useful as reference, and there might be other leaks lurking which an audit could reveal. Braintease: how to write a comprehensive TMPDIR leak test for feature additions with disk access?