Closed Bug 253083 Opened 21 years ago Closed 21 years ago

"runas /user:FOO firefox.exe" does not start firefox as user FOO, if firefox is already started as user BAR

Categories

(Firefox :: Shell Integration, defect)

x86
Windows XP
defect
Not set
normal

Tracking

()

RESOLVED DUPLICATE of bug 247412

People

(Reporter: tom.unger, Assigned: bugs)

Details

(Whiteboard: [sg: dupe 247412])

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7) Gecko/20040707 Firefox/0.9.2 Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7) Gecko/20040707 Firefox/0.9.2 new Firefoxinstance inherits securitycontext of the already running instance when using "runas". This can lead to privilegeelevation Reproducible: Always Steps to Reproduce: Situation: WindowsXP got 2 Accounts: Admin(Administrator) and FOO(restricted user) Situation 1. Log on as user FOO 2. All instances of firefox.exe are closed Problem: 1. use "runas /user:admin firefox.exe" to run firefox as admin while beeing logged on as FOO -> firefox runs with admin-userrights(navigate to admins homedir etc) 2. Now start firefox using the Icon on the desktop from user FOO -> this will *NOT* start firefox as user FOO. It will open a firefox-instance with the rights of the already running firefox instance of admin Actual Results: The new instance of firefox can navigate with the admin-userrights Expected Results: Firefox should started as user FOO and should not inherit the userrights from the running instance. Windows XPPRO SP1 German full patched
*** This bug has been marked as a duplicate of 247412 ***
Status: UNCONFIRMED → RESOLVED
Closed: 21 years ago
Resolution: --- → DUPLICATE
Group: security
Whiteboard: [sg: dupe 247412]
You need to log in before you can comment on or make changes to this bug.