Open Bug 59808 Opened 25 years ago Updated 3 years ago

Change nsSpecialSystemDirectory::operator=(OS_TemporaryDirectory) to violate FHS

Categories

(Firefox :: File Handling, enhancement, P3)

Product:
Firefox
Component:
File Handling
Type:
enhancement

Tracking

()

People

(Reporter: olaf, Unassigned)

References

(
URL
)

Details

(Keywords: arch)

(This is OS="generic Unix", but Bugzilla is missing that choice.) Much of Mozilla uses a hardcoded path of /tmp for temporary files. As demonstrated in bug 58371 and exposed about weekly on bugtraq, this is not really a good thing. Temporary files generated by a user should be put in a user-specific directory where they can not interfere with other users' temporary files (or worse, get interfered with by other users). Many applications use a TMPDIR environment variable. This is generic enough to warrant a library routine of some sort which is called for every temporary file. Ideally, that could do the following: - if $TMPDIR exists, use that - if $HOME/tmp exists, use that - else use $HOME/.mozilla/tmp (create that if not available) - ideally never fall back to /tmp Really, /tmp is one of the worse ideas of Un*x. It is somewhat of a bigger project, but should be worth the effort, to remove its usage from Mozilla.
Confirming.
Status: UNCONFIRMED → NEW
Ever confirmed: true
I would prefer just falling back to $HOME/.mozilla/$profile/$foodir/tmp first, no $HOME/tmp. $foodir is that randomly generated dir created on new profiles. And yes, some library call which gets you that path would rock. Moving to component XP APPS for now (we need an architecture component or something)
Assignee: asa → don
Component: Browser-General → XP Apps
QA Contact: doronr → sairuh
mscott, would this belong to you? if not, do reassign...thx!
Assignee: don → mscott
Don't we already have some sort of thing in nsipath or nsifile or... egads, i need someone who knows all of our apis.
Severity: normal → enhancement
Keywords: arch
OS: Linux → All
Hardware: Other → All
Summary: Replace /tmp by something sane → [RFE] API to select a sane temp directory (/tmp is insane)
*** Bug 69938 has been marked as a duplicate of this bug. ***
*** Bug 78173 has been marked as a duplicate of this bug. ***
we have this already. i can't figure out how we managed not to use it.
URL: http://bonsai.mozilla.org/cvsblame.cg...
Hrm. Sorry, but I expect temporary junk to go in /tmp. That's the way unix works, I don't think we should change that. If somebody sets TMP, ok, but don't default to some whacky place somewhere in the users directory. I would be pretty insulted to find that mozilla took all my quota just because it didn't clear some tmp files, or my helper apps are misconfigured. That's an insane idea. See http://www.pathname.com/fhs/, which specifies /tmp for temporary files, and nothing else. Especcially the cleanup of lost files is an argument to put it at a place where standard procedures find it.
Followup, we do use the api i was looking for in nearly every case. I filed a bug for the one instance i found that didn't. ... reporter i'm modifying the summary to (imo) more accurately describe the request. Personally, i'd suggest that a change like this be discussed in the newsgroups. If people there decide against doing this, then let it die (feel free to maintain a patch for local use that behaves differently, although i'd just as soon modify run-mozilla.sh to set $TMP to ~/tmp).
Summary: [RFE] API to select a sane temp directory (/tmp is insane) → [RFE] Change nsSpecialSystemDirectory::operator=(OS_TemporaryDirectory) to violate FHS
It seems to me that there is already a well-defined place for Mozilla to write large amounts of temporary data: ~/.mozilla/*/Cache/. All these temp files should go there, or in subdirectories of it. People already expect that directory to get large, have already explicitly specified how large they want to to get, and are already used to rm -rf'ing it when their disk fills up. But note bug 59808 -- when you're writing a tmp file because you intend to eventually *rename* that tmp file to its final name after it has all been downloaded, you have to write your tmp files into the *same directory* that you're eventually going to rename the file to. So this only applies to, e.g., temp files handed to helper apps, not to temp files created as an intermediary result of "Save Link As".
(duh, I meant bug 69938)
Component: XP Apps → File Handling
Summary: [RFE] Change nsSpecialSystemDirectory::operator=(OS_TemporaryDirectory) to violate FHS → Change nsSpecialSystemDirectory::operator=(OS_TemporaryDirectory) to violate FHS
Assignee: mscott → nobody
QA Contact: bugzilla → file-handling
From http://secunia.com/advisories/36649/ (explaining why Firefox is an unpatched security risk): >> The security issue is caused due to the browser using a fixed path from the /tmp directory when a user opens a file downloaded for opening from the "Downloads" window. This can be exploited to trick a user into opening a file with potentially malicious content by placing it in the /tmp directory before the download takes place. The security issue is confirmed in version 3.5.2 for Linux. Other versions may also be affected. <<
Product: Core → Firefox
Version: Trunk → unspecified

when I download a file I expect it to be in Downloads.
And it will half of time not be in Downloads. I did set preferences to use Downloads for downloading, but FF does not listen.

I do not want FF to decide where to put downloaded files.
This is really a very annoying bug in FF. Causes a lot of extra work.
When I download a file and it asks with what app it will be opened than FF puts it in TMP. So after editing the files disappears because FF removes files from tmp.

Severity: normal → S3
You need to log in before you can comment on or make changes to this bug.