Closed
Bug 264372
Opened 20 years ago
Closed 20 years ago
Temporary files in /tmp are world-readable
Categories
(Firefox :: File Handling, defect)
Tracking
()
RESOLVED
DUPLICATE
of bug 251297
People
(Reporter: vogel, Assigned: bugs)
Details
(Whiteboard: [sg:dupe 251297])
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.4.3) Gecko/20040924 Build Identifier: Mozilla/5.0 (X11; U; Linux i686; rv:1.7.3) Gecko/20041012 Firefox/0.10.1 Temporary files in /tmp, created e.g. by accessing files that need a helper application, are world-readable. This is a security/privacy issue, as these documents might contain data from protected web sites. Reproducible: Always Steps to Reproduce: 1. Click on any link to a PDF document. 2. In Download Manager, select "Open with" and "browse" to /usr/bin/xpdf 3. Execute "ls -l /tmp" and look for the file just downloaded. Actual Results: There is a file entry listed like this: -rw-rw-r-- 1 vogel vogel 11833929 Oct 14 17:36 downloaded.pdf Expected Results: Something like this: -rw------- 1 vogel vogel 11833929 Oct 14 17:36 downloaded.pdf
Comment 1•20 years ago
|
||
> -rw------- 1 vogel vogel 11833929 Oct 14 17:36 downloaded.pdf
group-readable/writable?
It's only a problem for HTTPS/SSL sites. Everything else came unprotected over
the network anyways.
Reporter | ||
Comment 2•20 years ago
|
||
But not all users on a multi-user host can listen to all network traffic. So it's clearly not limited to HTTPS sites.
Comment 3•20 years ago
|
||
We've got the same bug for mail attachments and we do want to fix that one. This is probably a dupe since I suspect it's the uriloader/exthandler code causing the problem.
Comment 4•20 years ago
|
||
Daniel, can you go ahead and dupe it then if you think it's appropriate? I can't see the other bug you're talking about...
It seems like nsExternalAppHandler::ExecuteDesiredAction either shouldn't call MoveFile or should call it in a way that doesn't call FixFilePermissions in the helper app / use system default case. FixFilePermissions (which uses the umask) seems like something we want only for a user-chosen location.
Comment 6•20 years ago
|
||
Found it, bug 251297. That's written against mail, but it's been confirmed and has more CC's. *** This bug has been marked as a duplicate of 251297 ***
Status: UNCONFIRMED → RESOLVED
Closed: 20 years ago
Resolution: --- → DUPLICATE
Updated•20 years ago
|
Whiteboard: [sg:dupe 251297]
Updated•20 years ago
|
Group: security
You need to log in
before you can comment on or make changes to this bug.
Description
•