Closed
Bug 293650
Opened 20 years ago
Closed 19 years ago
Opening privileged file by drag&drop from other application
Categories
(Firefox :: Security, defect)
Tracking
()
RESOLVED
INVALID
People
(Reporter: org.mozilla.bugzilla-NO-PRIVATE-MAIL, Unassigned)
Details
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; cs-CZ; rv:1.7.7) Gecko/20050414 Firefox/1.0.3
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; cs-CZ; rv:1.7.7) Gecko/20050414 Firefox/1.0.3
When I drag and drop a link from other application to browser window, it will be
opened, though it is refering to privileged file.
Reproducible: Always
Steps to Reproduce:
1. Create link to privileged file in other application.
for example: <a href="chrome://browser/content/browser.xul">gogo</a>
Make an e-mail in Thunderbird with this link and use "send later" (in HTML).
Read this mail in folder "unsent messages".
2.Drag and drop the link to Firefox window.
Actual Results:
Privileged file was opened.
Comment 1•20 years ago
|
||
60 days inactive: INVALID in 72 hours, otherwise reassigning to owner.
Is this reproducable with a nightly build (http://www.mozilla.org/developer)?
Status: UNCONFIRMED → ASSIGNED
Ever confirmed: true
Updated•20 years ago
|
Assignee: nobody → wbzsinj
Status: ASSIGNED → NEW
Updated•20 years ago
|
Status: NEW → RESOLVED
Closed: 20 years ago
Resolution: --- → INVALID
Updated•20 years ago
|
Status: RESOLVED → REOPENED
Resolution: INVALID → ---
Updated•20 years ago
|
Assignee: wbzsinj → nobody
Status: REOPENED → NEW
Comment 2•19 years ago
|
||
(In reply to comment #1)
> Is this reproducable with a nightly build (http://www.mozilla.org/developer)?
Yes, same problem with nightly build.
Mozilla/5.0 (Windows; U; Windows NT 5.1; cs; rv:1.8b5) Gecko/20051011 Firefox/1.4.1
Comment 3•19 years ago
|
||
1.4.1? I must have pointed you to the 1.5 Beta page. Please also download 1.6
Alpha (the continuously updated trunk version) at http://www.mozilla.org/developer/
Comment 4•19 years ago
|
||
(In reply to comment #3)
> 1.4.1? I must have pointed you to the 1.5 Beta page. Please also download 1.6
> Alpha (the continuously updated trunk version) at
http://www.mozilla.org/developer/
Same problem.
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9a1) Gecko/20051014
Firefox/1.6a1
Comment 5•19 years ago
|
||
What is the expected result? If you originally had priviledges to the file, why
would the transfer remove those priviledges from you?
Reporter | ||
Comment 6•19 years ago
|
||
(In reply to comment #5)
> What is the expected result?
I supposed this problem. However, you probably want know, what Firefox should do by my opinion. Firefox should do the same, which do, when you drag&drop link from Firefox, I think. (ignore drag&drop)
> If you originally had priviledges to the file, why
> would the transfer remove those priviledges from you?
I don't understand this question.
Comment 7•19 years ago
|
||
If you're dragging the link from Firefox, what are you dragging it to?
Comment 8•19 years ago
|
||
Per bug 285438 comment 42, it seems that this bug is invalid.
Comment 9•19 years ago
|
||
Good find.
<- INVA per comment 8
Status: NEW → RESOLVED
Closed: 20 years ago → 19 years ago
Resolution: --- → INVALID
You need to log in
before you can comment on or make changes to this bug.
Description
•