Closed
Bug 470224
Opened 16 years ago
Closed 16 years ago
With public fox enabled and password protected a user can still go to about:config and change settings.
Categories
(Firefox :: General, defect)
Tracking
()
RESOLVED
INVALID
People
(Reporter: nitropanic2001, Unassigned)
Details
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4
I installed public fox to cease a separate user from making firefox changes. It is password protected and the lock about:config box is checked. When about:config is put into the address bar it required a password, but if about:Config, about:CONFIG or similar with case differences was typed you can log on and remove the public fox password or disable it altogether.
Reproducible: Always
Steps to Reproduce:
1.Run about:config (password required)
2.Run about:Config (password not required)
3.Run about:cOnfig (password not required)
4.Run about:CONFIG (password not required)
Actual Results:
I can disable the password by removing the string @ exceptions.dlwatch.pass string. Then make exceptions.dlwatch.lock false.
Expected Results:
Should not be able to open about:config at all.
Should always ask for password.
Comment 1•16 years ago
|
||
This is an issue with the Public Fox add-on and you should contact that add-on developer.
https://addons.mozilla.org/en-US/firefox/user/73042
Group: core-security
Status: UNCONFIRMED → RESOLVED
Closed: 16 years ago
Resolution: --- → INVALID
You need to log in
before you can comment on or make changes to this bug.
Description
•