756418 - When starting a sudo session, Firefox passes your credentials to the form, despite it shouldn't

Status: RESOLVED INCOMPLETE

(Toolkit :: Startup and Profile System, defect)

Description

[sowji.k11]

User Agent: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/535.19 (KHTML, like Gecko) Chrome/18.0.1025.168 Safari/535.19

Comment 1

[Benjamin Smedberg]

Could you be more specific? If you are using "sudo -i" then we will use the home directory associated with the target user. If you aren't, then the environment doesn't change and we use the home directory associated with you. This is according to the design of `sudo`.

Arguably Firefox should probably refuse to run as root ever, since that's pretty much never a good idea, but that's a different bug.

Not something that needs to remain security-private.

Comment 2

[Mike Hommey [:glandium]]

(In reply to Benjamin Smedberg  [:bsmedberg] from comment #1)
> Could you be more specific? If you are using "sudo -i" then we will use the
> home directory associated with the target user. If you aren't, then the
> environment doesn't change and we use the home directory associated with
> you. This is according to the design of `sudo`.

To add some verbosity, this means that:
- the sudo'ed firefox will use your profile, which means it will get all the credentials, history, etc. from it.
- it will overwrite some files from your profile with new files with root permission. Running Firefox again without sudo on this profile may remove these files because they aren't readable, and you may lose some data.
 
> Arguably Firefox should probably refuse to run as root ever, since that's
> pretty much never a good idea, but that's a different bug.

FWIW, in Iceweasel, I check the sudo environment variables and if they match sudo not being called with -i/-H, I change HOME as if sudo was called with -H. I was considering filing a bug to do that in firefox too.

Comment 3

[Phoenix]

Resolved per whiteboard