Closed
Bug 54267
Opened 25 years ago
Closed 24 years ago
Linux: users can deny PSM to other users
Categories
(Core :: Security: PSM, defect, P3)
Tracking
()
VERIFIED
WONTFIX
People
(Reporter: tenthumbs, Assigned: ddrinan0264)
Details
Since PSM uses unix-domain sockets on Linux and it uses fixed names it is
possible for userA to create /tmp/.nsmc-$userBuid and userB cannot user PSM
because userB's Mozilla can neither remove the file nor create a socket with
another name. Very bad.
Here are some possible fixes. they all have problems of one kind or
another.
1) Put the socket in the user's profile directory. That won't work
because struct sockaddr_un only has space for 104 bytes worh of path
name. The user's profile might well be deeper.
2) Pass a temp name as a commmand line argument to psm. The bad part is
that the name would be visible to a "ls." The good part is that the old
Mozilla Classic, nee 4.x, dns helper app has functioning code to get
around this.
3) Pass a temp name in an environment variable. That would be visible in
/proc but only to the user and root.
4) Use socketpair. I have no idea how portable this would be but it does
work on Linux. It would mean changing the way psm starts (I think) but
it might be worth it.
Version: 1.01 → 1.2
Comment 4•24 years ago
|
||
Marking wontfix. This no longer seems to be a problem with PSM 2.0.
Status: NEW → RESOLVED
Closed: 24 years ago
Resolution: --- → WONTFIX
Comment 5•24 years ago
|
||
then it shoudl be marked fixed.
You need to log in
before you can comment on or make changes to this bug.
Description
•