Open Bug 247186 Opened 19 years ago Updated 4 months ago

starting firefox with a other user on the same x-session only forks firefox, even if it is not from the same user


(Toolkit :: Startup and Profile System, defect)






(Reporter: bastiaf, Unassigned)



(1 file)

User-Agent:       Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.7) Gecko/20040616 Firefox/0.9
Build Identifier: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.7) Gecko/20040616 Firefox/0.9

First user1 starts Firefox. After changing the user to user2 with su on the same
X session and starting firefox with this user2, only the Firefox from user1 is
forked. user2 don't get his own Firefox, instead he can use the configuration,
bookmarks, passwords und form fills from user1.

Reproducible: Always
Steps to Reproduce:
1. start Firefox with user1
2. su - user2 on a terminal in the same X session
3. start Firefox with this second user2

Actual Results:  
user2 has access to the Firefox configuration, bookmarks, passwords etc. from user1

Expected Results:  
starting a new Firefox for user2
If you change LOGNAME for the the user you su'd into this problem should stop.
But this is not something that should be able to happen no matter what the value
of LOGNAME. For example it also works if you do the following:

user2@system:~$ LOGNAME=user1 DISPLAY=:0 firefox
Behaviour for sessions is not the same in Firefox as it is in IE. Sessions
should not be transferable across instances of browsers (not tabbed window).

Proof of concept
Reproducible: Always
Steps to Reproduce:
1. Go to
2. Follow instructions - session variable contents displayed on subsequent page
3. Start new instance of Firefox with URL in (1)
4. Form is pre-filled with session data from other instance of browser
5. This behaviour does NOT occur under IE6.

This has application issues in that if we are editing data for one customer in
one browser and another customer in another, this could result in inadvertent
data errors. This means Firefox is not fit for purpose for us and unfortunately
we have to use IE as well. 
(In reply to comment #2)
> Behaviour for sessions is not the same in Firefox as it is in IE. Sessions
> should not be transferable across instances of browsers (not tabbed window).

I do not think you are talking about the same bug here. I am not talking about a
cache-securtiy bug. But a physical user, any user can startup an instance of
firefox in name of the previous user. The problem you are talking about is not a
real issue as you are talking about a single user-environment, and I am talking
about a mulit-user environment.

The same is true on WinXP, and presumably every other OS.

For my case, I ran the firefox installer with admin privileges by way of the
runas command, and let the installer launch firefox at the end.  Then, opening a
shortcut on the user-privileged desktop created a new window instead of a new
process.  I assume the same would happen in a fast-user-switch environment, but
I cannot confirm that.

It appears that on program start, if a running instance is detected, a new
window is created with the same credentials as that instance.  This is fine in a
single-user environment.  In a multi-user environment, this is unacceptable. 
The simple fix would be to create a new process every time.  A better fix is to
compare the owner of each running instance with the owner of the new instance. 
If they are the same, then create a new window; if they are different, then
create a new process.  If having multiple processes is unacceptable, then the
user credentials have to be tracked on a per-window basis.  If an instance is
already running, create a new window with user credentials matching the owner of
the new process.
As a server-side programmer, I am tangling with the issue of people opening multiple browser windows (in the same process) and getting the same http-session information shared as a consequence.  In IExplore you can still start the browser in a new process and hence get a fresh http-session and consequently separated server-side session upkeep (or re-use the process with ctrl-N and share the server-side session).  In Mozilla 1.7 / FireFox 1.07 there is no facility to force a new process (and hence a distinctly separate server-side session).  
I know that this is technically a different issue to that of starting different processes in a multi-user environment, but while this issue is boing considered, I would like to lobby for some help for the poor server-side programmers who have to deal with this conundrum.
I would love to see a feature that allows users to choose to start the browser windows according to their needs: same session, or distinct session.  I suggested on a forum elsewhere that it would be ideal to have a setup option to have Tabs start in the same process (and hence share serverside session information), and Windows start in a new process (and hence NOT share serverside session information).  At the UI level this would amount to a simple pair of radio buttons in the "Prefs" "Advanced" area.
Alternatively or as well, it would be great to have a menu option like "New Window" but "New Session".  Obviously this will baffle the punters to some degree. 
That is of course if Mozilla can sustain being run in separate processes at all.
If this needs to be posted to a new Bug # please let me know by email or please copy-paste it to one for me ... I am not up on the etiquette of when to create a new bug or when to accumulate alike bugs together.
Thanks for listening. 

Ok, I think that my comment more correctly relates to (and this Bug is a related problem to):
also I made a related comment at:
On Linux Mandrake 9 / Firefox 1.5 - rv 1.8:
In some cases, when launching firefox under another user, no instance is created;
Instead, another window is created, with the previous user's history, cookies, plugins,...
It seems to depend on user rights:
When login as root, and launching firefox, the previous instance is activated;
When login as normal user, a new instance is created.
Assignee: bross2 → nobody
Component: General → Startup and Profile System
QA Contact: general → startup
Product: Firefox → Toolkit
OS: FreeBSD → All
On Windows:
When you launch Firefox, it searches for a window named "FirefoxMessageWindow". If it finds this window, it opens a new browser window instead of a new instance - even if you try to start Firefox with another profile or as another user. 

There is a relative simple solution to this problem: Just include the name of the profile as well as the username within the name of the MessageWindow.

E.g., call it "FirefoxMessageWindow(Alex:MyProfile)" instead of "FirefoxMessageWindow". This works as expected using the current nightly - a new instance is started if you choose a different profile or run as another user.

The corresponding function "className()" to be modified can be found within the "struct MessageWindow" in file ".\toolkit\xre\nsNativeAppSupportWin.cpp"

However, I am not sure how Firefox checks if it is already running on Linux...


In the process of migrating remaining bugs to the new severity system, the severity for this bug cannot be automatically determined. Please retriage this bug using the new severity system.

Severity: major → --
You need to log in before you can comment on or make changes to this bug.