User-Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.4b) Gecko/20030423
Build Identifier: Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.4b) Gecko/20030423

Browsing in the "about:config" list reveals that all the path names to directories are encrypted, with the exception of "mail.news_rc.root", which lists the full path including the ".slt" directory. Since the encryption is meant to hide the location of the .slt directory in order to head off hacks and security holes, this looks like a potential problem to me.

Reproducible: Always

Steps to Reproduce:
1. Type "about:config" in the location bar
2. Scroll down to mail.news_rc.root

Actual Results: The secret directory is revealed in plain text.
There are actually quite a few mail prefs that show the complete path.
Status: UNCONFIRMED → NEW
Ever confirmed: true
Are they really encrypted? I see a cache pref and download dir prefs in plain text, along with some others. What do you see, and how do you tell things are encrypted?
My download dir is listed as a long string beginning with six "A"s and ending with: za3RvcC9Eb3dubG9hZHMAABMAAS8A//8AAA== It looks nothing like a path. I'm not *certain* that it is encrypted, but it is certainly not plain text, and since that seems like a hugely good idea I assumed that was the case. I do use Mozilla's password manager and have the encryption turned on in those settings, if that makes any difference here.

I'm on another Mac right now that has Mozilla 2003042708, and in this case almost all of the paths are in the above assumed-encrypted form, including mail.news_rc.root. The only other paths that I can see in plain text have mostly predictable path names, like "/Applications/Mozilla.app/", but there are a few where I can see the name of my hard drive and user directory without the .slt directory (for example, editor.history_url_1 = file:///Olympus/Users/jpd/Desktop/test.html ), which is not as bad, but shouldn't it be consistent?
That's not encryption, that's a Mac OS file ref thing. It *probably* means that the patch is not as portable as the others.
Assignee: mstoltz → sspitzer
Component: Security: General → Networking: News
QA Contact: junruh → stephend
Summary: nntp root not encrypted in prefs, potentially exposing ".slt" directory? → [mac os x] nntp root stored raw path in prefs
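The encoded-versus-encrypted question raised above can be checked directly on the fragment quoted in the report. The Python sketch below is an added example, not part of the original bug thread or Mozilla's code. It base64-decodes the quoted tail (first character dropped so it starts on a 4-character boundary, since the full value is not on the page) and extracts printable strings. The function names are hypothetical.

```python
import base64
import re

# Tail of the download-dir pref value quoted in the report, with its first
# character ("z") dropped so it starts on a 4-character base64 boundary.
# The full value is not on the page, so only this fragment is decoded.
QUOTED_TAIL = "a3RvcC9Eb3dubG9hZHMAABMAAS8A//8AAA=="


def decode_pref(value):
    """Return the decoded bytes if value is strict base64, else None."""
    try:
        return base64.b64decode(value, validate=True)
    except ValueError:  # binascii.Error is a ValueError subclass
        return None


def printable_runs(data, min_len=4):
    """ASCII runs of at least min_len bytes, in the spirit of strings(1)."""
    pattern = rb"[\x20-\x7e]{%d,}" % min_len
    return [m.group().decode("ascii") for m in re.finditer(pattern, data)]


def classify(value):
    """Label a pref value 'plain', 'encoded' or 'opaque', with strings found."""
    if value.startswith(("/", "file://")):
        return "plain", [value]
    data = decode_pref(value)
    if data is None:
        return "opaque", []
    runs = printable_runs(data)
    # Readable text after a keyless decode means encoding, not encryption.
    return ("encoded", runs) if runs else ("opaque", [])


if __name__ == "__main__":
    samples = {
        "download dir (quoted tail)": QUOTED_TAIL,
        "editor.history_url_1": "file:///Olympus/Users/jpd/Desktop/test.html",
    }
    for name, value in samples.items():
        kind, strings = classify(value)
        print(f"{name}: {kind} {strings}")
```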
If this bug is about being able to see the .slt directory name from about:config, that's no bug. about:config can only be viewed by the user, and the user can find that directory in her file system anyway. If you have found a way for a remote attacker or malicious website to discover the .slt directory name, or if I have misunderstood the problem, please let me know.
sorry for the spam. making bugzilla reflect reality as I'm not working on these bugs. filter on FOOBARCHEESE to remove these in bulk.
Assignee: sspitzer → nobody
Filter on "Nobody_NScomTLD_20080620"
QA Contact: stephend → networking.news
Product: Core → MailNews Core
The .root-rel pref has been added which renders this bug invalid.
Status: NEW → RESOLVED
Last Resolved: 8 years ago
Resolution: --- → INVALID