Closed Bug 823965 Opened 12 years ago Closed 12 years ago

App can delete files from a storage type where it does not have permission

Categories

(Core :: DOM: Device Interfaces, defect)

Product:
Core
Component:
DOM: Device Interfaces
Platform:
ARM
Gonk (Firefox OS)
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla21
Project Flags:
blocking-basecamp -
Tracking Flags:
Tracking Status
firefox19 --- wontfix
firefox20 --- wontfix
b2g18 + fixed

People

(Reporter: davehunt, Assigned: baku)

Details

Attachments

(1 file)

patch
6.65 KB, patch
dougt
: review+
dougt
: approval-mozilla-b2g18+
Details | Diff | Splinter Review 
While working on a patch for the Gaia UI tests that clears all media from the sdcard between tests I encountered this permissions bug.

If I create a navigator.getDeviceStorage('music') from within the System all (readcreate permission) then I can retrieve all files but not delete them. This is what I'd expect, however if I then create a navigator.getDeviceStorage('pictures') I am able to delete the music files previously obtained.

Steps to reproduce:

var pictures = navigator.getDeviceStorage('pictures');
var music = navigator.getDeviceStorage('music');
mreq = music.enumarate();
mreq.onsuccess = function() {
  dreq = pictures.delete(mreq.result.name); // note this uses pictures to delete music
  dreq.onerror = function () {
    console.error('failed to remove file!');
  };
  dreq.onerror = function () {
    console.log('success removing file!');
  };
};

Expected: As we're trying to delete a file that does not exist in the pictures storage type then I would expect the delete to fail.

Actual: Music files are deleted, even though the app does not have permissions to do this
Assignee: nobody → doug.turner
Yeah.. i see what you're doing.  We don't protect against that.  We probably can.
blocking-basecamp: --- → ?
blocking-basecamp: ? → -
tracking-b2g18: --- → +
This isn't a great concern as most permissions are going to be handed out as r/w, and everything on your sdcard is basically exposed with any w permissions.  We'll fix this post v.1
Assignee: doug.turner → nobody
Attached patch patchSplinter Review 

        Attachment #699075 -
        Flags: review?(doug.turner)

    
  
Assignee: nobody → amarchesini

    
    

    
  
Comment on attachment 699075 [details] [diff] [review]
patch

Review of attachment 699075 [details] [diff] [review]:
-----------------------------------------------------------------

looks good.  I worry a bit about someone storing a blob that doesn't have the correct mime type set.  before this change, we were lax in checking.  now that we are enforcing this, we might see gaia bustage.  Lets keep an eye out for that.

It is better we get this change in now, then to start enforcing this later (and causing lots of bustage)  Marking approved for b2g18.

        Attachment #699075 -
        Flags: review?(doug.turner)

        Attachment #699075 -
        Flags: review+

        Attachment #699075 -
        Flags: approval-mozilla-b2g18+

    
    

    
  
david/mike, please keep an eye out for any bustage when trying to use device storage to save blobs.

    
    

    
  
Waiting for green on try, then I push it to inbound.

    
  

          status-b2g18:
          --- → fixed

    
    

    
  
https://hg.mozilla.org/mozilla-central/rev/4536e2bf1cd0
Status: NEW → RESOLVED
Closed: 12 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla21

          You need to log in
          before you can comment on or make changes to this bug.
        






  

    
  







  

    

      
Attachment

      

      
      
      
      
    

    

      

        

          

            
General

            

              Creator: 



            

            
Created: 

            
Updated: 

            
Size: