Linux: users can deny PSM to other users

VERIFIED WONTFIX

Status

()

P3
normal
VERIFIED WONTFIX
19 years ago
11 years ago

People

(Reporter: tenthumbs, Assigned: ddrinan0264)

Tracking

1.0 Branch
x86
Linux
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

(Reporter)

Description

19 years ago
Since PSM uses unix-domain sockets on Linux and it uses fixed names it is
possible for userA to create /tmp/.nsmc-$userBuid and userB cannot user PSM
because userB's Mozilla can neither remove the file nor create a socket with
another name. Very bad.
(Reporter)

Comment 1

19 years ago
Here are some possible fixes. they all have problems of one kind or
another.

1) Put the socket in the user's profile directory. That won't work
because struct sockaddr_un only has space for 104 bytes worh of path
name. The user's profile might well be deeper.

2) Pass a temp name as a commmand line argument to psm. The bad part is
that the name would be visible to a "ls." The good part is that the old
Mozilla Classic, nee 4.x, dns helper app has functioning code to get
around this.

3) Pass a temp name in an environment variable. That would be visible in
/proc but only to the user and root.

4) Use socketpair. I have no idea how portable this would be but it does
work on Linux. It would mean changing the way psm starts (I think) but
it might be worth it.

Version: 1.01 → 1.2

Comment 2

18 years ago
Changing QA contact to nitinp
QA Contact: lord → nitinp

Comment 3

18 years ago
Reassigning to ddrinan.
Assignee: lord → ddrinan
QA Contact: nitinp → junruh

Comment 4

18 years ago
Marking wontfix. This no longer seems to be a problem with PSM 2.0.
Status: NEW → RESOLVED
Last Resolved: 18 years ago
Resolution: --- → WONTFIX
then it shoudl be marked fixed.

Comment 6

18 years ago
Verified.
Status: RESOLVED → VERIFIED

Updated

14 years ago
Component: Security: PSM → Security: PSM
Product: PSM → Core

Updated

11 years ago
Version: psm1.2 → 1.0 Branch
You need to log in before you can comment on or make changes to this bug.