Closed
Bug 253083
Opened 20 years ago
Closed 20 years ago
"runas /user:FOO firefox.exe" does not start firefox as user FOO, if firefox is already started as user BAR
Categories
(Firefox :: Shell Integration, defect)
Tracking
()
RESOLVED
DUPLICATE
of bug 247412
People
(Reporter: tom.unger, Assigned: bugs)
Details
(Whiteboard: [sg: dupe 247412])
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7) Gecko/20040707 Firefox/0.9.2 Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7) Gecko/20040707 Firefox/0.9.2 new Firefoxinstance inherits securitycontext of the already running instance when using "runas". This can lead to privilegeelevation Reproducible: Always Steps to Reproduce: Situation: WindowsXP got 2 Accounts: Admin(Administrator) and FOO(restricted user) Situation 1. Log on as user FOO 2. All instances of firefox.exe are closed Problem: 1. use "runas /user:admin firefox.exe" to run firefox as admin while beeing logged on as FOO -> firefox runs with admin-userrights(navigate to admins homedir etc) 2. Now start firefox using the Icon on the desktop from user FOO -> this will *NOT* start firefox as user FOO. It will open a firefox-instance with the rights of the already running firefox instance of admin Actual Results: The new instance of firefox can navigate with the admin-userrights Expected Results: Firefox should started as user FOO and should not inherit the userrights from the running instance. Windows XPPRO SP1 German full patched
*** This bug has been marked as a duplicate of 247412 ***
Status: UNCONFIRMED → RESOLVED
Closed: 20 years ago
Resolution: --- → DUPLICATE
Updated•20 years ago
|
Group: security
Whiteboard: [sg: dupe 247412]
You need to log in
before you can comment on or make changes to this bug.
Description
•