Closed
Bug 253083
Opened 21 years ago
Closed 21 years ago
"runas /user:FOO firefox.exe" does not start firefox as user FOO, if firefox is already started as user BAR
Categories
(Firefox :: Shell Integration, defect)
Tracking
()
RESOLVED
DUPLICATE
of bug 247412
People
(Reporter: tom.unger, Assigned: bugs)
Details
(Whiteboard: [sg: dupe 247412])
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7) Gecko/20040707 Firefox/0.9.2
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7) Gecko/20040707 Firefox/0.9.2
new Firefoxinstance inherits securitycontext of the already running instance
when using "runas". This can lead to privilegeelevation
Reproducible: Always
Steps to Reproduce:
Situation: WindowsXP got 2 Accounts: Admin(Administrator) and FOO(restricted user)
Situation
1. Log on as user FOO
2. All instances of firefox.exe are closed
Problem:
1. use "runas /user:admin firefox.exe" to run firefox as admin while beeing
logged on as FOO -> firefox runs with admin-userrights(navigate to admins
homedir etc)
2. Now start firefox using the Icon on the desktop from user FOO -> this will
*NOT* start firefox as user FOO. It will open a firefox-instance with the rights
of the already running firefox instance of admin
Actual Results:
The new instance of firefox can navigate with the admin-userrights
Expected Results:
Firefox should started as user FOO and should not inherit the userrights from
the running instance.
Windows XPPRO SP1 German full patched
*** This bug has been marked as a duplicate of 247412 ***
Status: UNCONFIRMED → RESOLVED
Closed: 21 years ago
Resolution: --- → DUPLICATE
Updated•21 years ago
|
Group: security
Whiteboard: [sg: dupe 247412]
You need to log in
before you can comment on or make changes to this bug.
Description
•