Closed Bug 276677 Opened 20 years ago Closed 2 years ago

Security: User's remote mailboxes and messages should become visible only after login

Categories

(Thunderbird :: Account Manager, enhancement)

Tracking

(Not tracked)

RESOLVED DUPLICATE of bug 318697

People

(Reporter: jari.aalto, Unassigned)

Details

(Keywords: privacy, sec-other, Whiteboard: [sg:nse])

User-Agent:       Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.5) Gecko/20041219 Firefox/1.0 (Debian package 1.0+dfsg.1-1)
Build Identifier: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.5) Gecko/20041219 Firefox/1.0 (Debian package 1.0+dfsg.1-1)

It would be good if security were slightly improved in Thunderbird. For example,
anyone can open Thunderbird (if the account is open on the PC; this is usual in
shared offices, when someone is in another room for a while), and see what mailboxes
and messages are there.

The problem is that:
- The login screen to remote mailboxes appears
- But the "Folders" is visible and shows the last session's opened
  folders and message headings to the right

It would be good if no remote folder names (the folders were collapsed by
default) or the message headings were displayed until a correct login was issued.
displayed at all until user logs in to those


Reproducible: Always

Steps to Reproduce:
1. open program
2. You will see opened Folder names to the right
3. Login screen to remote folders appears

Actual Results:  
Folder names are visible
Message headings are visible

Expected Results:  
Folders were collapsed
Messages/Headings not visible

Program: Debian thunderbird 0.9 20041124

Clearing confidential flag.

Note that this would help IMAP only -- for POP the mail is saved locally, so if
someone's got the machine access this bug implies then they could always read
the raw mail bypassing the client.
Group: security
Status: UNCONFIRMED → NEW
Ever confirmed: true
Keywords: privacy
Whiteboard: [sg;nse]
OS: Linux → All
Hardware: PC → All
Summary: Sucurity: User's remote mailboxes and messages should become visible only after login → Security: User's remote mailboxes and messages should become visible only after login
Whiteboard: [sg;nse] → [sg:nse]

I fully agree that *no* information (folder names or email message headers)
should be visible before the login is successfully completed.  In fact, if you
cancel out of the login/password dialog, you can freely scroll up and down in
the messages window and read all the headings for the messages that were last
cached.  Depending on what options are chosen for display, sensitive items such
as the sender's email address, subject, etc. are all at least partially visible;
in fact, the sliders work, so even partially covered headings, such as the
subject, can all be revealed without having logged on.

The preferable situation would be to have displayed a blank area for both the
folder and messages area until *after* a successful login.  In particular, this
is a bad default choice for any machine deployed in a shared-use area.

This is reproducible since at least Thunderbird 1.0 (possibly before) and
through and including 1.0.3, using Windows 98 and XP clients.
QA Contact: account-manager
Assignee: mscott → nobody
Severity: normal → S3
Status: NEW → RESOLVED
Closed: 2 years ago
Duplicate of bug: 318697
Resolution: --- → DUPLICATE