Closed Bug 948205 Opened 11 years ago Closed 11 years ago

"seer.sqlite" sounds like a security concern

Categories

(Core :: Networking, defect)

Product:
Core
Component:
Networking
Version:
28 Branch
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla29

People

(Reporter: aeidein, Assigned: u408661)

References

Details

Attachments

(1 file, 1 obsolete file)

patch v2
5.77 KB, patch
mcmanus
: review+
vladan
: review+
Details | Diff | Splinter Review
User Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:28.0) Gecko/20100101 Firefox/28.0 (Beta/Release) Build ID: 20131208030204 Actual results: seer (n) 1. a person who sees; observer. That's not the image we want to convey. Expected results: The file should be rebranded to something less ominous so users aren't spooked by security concerns.
Yeah, it is oddly named. While probably innocuous, some less cryptic naming might be a good idea. (this will probably get mentioned again just because it's odd) Is there any reason this couldn't just be named predictive-cache.sqlite or something? Its naming is sort of out of place in comparison to other files in the profile folder.
Blocks: 881804
Flags: needinfo?(hurley)
OS: Windows 7 → All
Hardware: x86 → All
Summary: "seer.sqlite" sounds like a security concern. → "seer.sqlite" sounds like a security concern
Component: Untriaged → Networking
Product: Firefox → Core
While I'm skeptical that most users will even notice (how many really look in their profiles to begin with?), fixing this will actually make fixing some other bugs with the seer much easier, and it will bring peace of mind to those who *do* look in their profiles, so I'll take this (probably rolled into the patch for another bug, yet to be filed).
Assignee: nobody → hurley
Flags: needinfo?(hurley)
Status: UNCONFIRMED → NEW
Ever confirmed: true
This takes care of having a new name for seer.sqlite, and removing the old version on upgrade. I also took this opportunity to fix an issue with the schema that caused some foreign key constraints to fail, since we're able to start with a fresh db at this point.
Attachment #8359372 - Flags: review?(mcmanus)
Attachment #8359372 - Flags: review?(mcmanus) → review+
Attached patch patch v2Splinter Review
Realized I missed a couple more places where seer.sqlite was explicitly named (specifically the test and in Telemetry.cpp). Patrick, Seer.cpp hasn't changed at all, the only bit changed for you is test_seer.js. Vladan - this is just a quick rename in Telemetry.cpp for you.
Attachment #8359372 - Attachment is obsolete: true
Attachment #8359426 - Flags: review?(vdjeric)
Attachment #8359426 - Flags: review?(mcmanus)
Attachment #8359426 - Flags: review?(vdjeric) → review+
Attachment #8359426 - Flags: review?(mcmanus) → review+
Blocks: 945779
https://hg.mozilla.org/mozilla-central/rev/044a089451c8
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla29
(In reply to Nicholas Hurley [:hurley] from comment #3) > Created attachment 8359372 [details] [diff] [review] > 0001-Bug-948205-Rename-seer.sqlite-and-fixup-schema-in-the-process-.-r- > mcmanus.patch > > This takes care of having a new name for seer.sqlite, and removing the old > version on upgrade. I also took this opportunity to fix an issue with the > schema that caused some foreign key constraints to fail, since we're able to > start with a fresh db at this point. I just installed the latest m-c hourly build for win32, running on win7 x64 and unless I'm not understanding, I still have a seer.sqlite file - I 'thought' that was to be renamed in this patch ?
(In reply to Jim Jeffery not reading bug-mail 1/2/11 from comment #7) > I just installed the latest m-c hourly build for win32, running on win7 x64 > and unless I'm not understanding, I still have a seer.sqlite file - I > 'thought' that was to be renamed in this patch ? Most likely the build with this patch was not ready when you installed the hourly build (windows builds take a while), as I have definitely see this patch do its job. What do you see under the "Source" heading on about:buildconfig ?
(In reply to Nicholas Hurley [:hurley] from comment #8) > (In reply to Jim Jeffery not reading bug-mail 1/2/11 from comment #7) > > I just installed the latest m-c hourly build for win32, running on win7 x64 > > and unless I'm not understanding, I still have a seer.sqlite file - I > > 'thought' that was to be renamed in this patch ? > > Most likely the build with this patch was not ready when you installed the > hourly build (windows builds take a while), as I have definitely see this > patch do its job. What do you see under the "Source" heading on > about:buildconfig ? I just again downloaded the latest hourly and under the 'source' I have: http://hg.mozilla.org/mozilla-central/rev/81bced59e8b3 <- latest cset Unless this is something that only takes place when installing a full Nightly build, but the build I downloaded is a Tinderbox build, win32 from mozilla-central, running on win7 x64 machine. I still have a seer.sqlite file in my profile.
I have found the reason that the file didn't get re-named. I had the pref network.seer.enabled set to 'disabled' because of the huge size it was getting. There is another bug addressing capping the size of the file. Once I set the pref back to default, the name changed to the new file name as expected. Whether this is an issue you guys need to check I don't know, but would seem even with the pref disabled the file should have been renamed maybe ? Or, would the fact that if someone re-enabled it the change would take effect and would be no problem.
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: