Closed Bug 93847 Opened 24 years ago Closed 24 years ago

Poor security in file downloading.

Categories

(SeaMonkey :: UI Design, defect)

Product:
SeaMonkey
Component:
UI Design
Platform:
x86
Linux
Type:
defect
Priority:
Not set
Severity:
major

Tracking

(Not tracked)

Status:
VERIFIED DUPLICATE of bug 55690

People

(Reporter: dan, Assigned: neeti)

Details

From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.3) Gecko/20010801 BuildID: 2001080104 When downloading a file, the file is saved first to /tmp, then moved to your location of choice. There are two problems with this... First, the file is created mode 0644. This means that while your file is downloading, anyone can read your file. Second, if you've chosen a save location that you don't have write permission to, your file will remain in /tmp, mode 0644, without any warning or indication that the file couldn't be saved where you wanted it. Also, when choosing a location to save, directory names that begin with a dot don't show up in the directory listing. I know these are suposed to be "hidden" files, however, Netscape did show them. Reproducible: Always Steps to Reproduce: 1.Select a file to download. 2.Download it to a directory you don't have permission to write to.
*** This bug has been marked as a duplicate of 55690 ***
Status: UNCONFIRMED → RESOLVED
Closed: 24 years ago
Resolution: --- → DUPLICATE
VERIFIED: same problem -> xpapps + qa.
Status: RESOLVED → VERIFIED
Component: Networking → XP Apps
QA Contact: benc → sairuh
Product: Core → Mozilla Application Suite
You need to log in before you can comment on or make changes to this bug.