Debian
firefox package

  1. Bug #26040
  2. Comment #1

Comment 1 for bug 26040

Revision history for this message
In , Steve Kemp (skx) wrote : Re: Bug#340284: mozilla-firefox: "su root -c firefox" gives root access to any other firefox loaded.

On Tue, Nov 22, 2005 at 12:36:46PM +0100, S. Thommerel wrote:

> To reproduce this bug:
>
> su root and then load firefox from the term. Then launch firefox from
> another unrelated and normal user terminal. The newly launched firefox reads root's
> profile and gets root's rights.

  Isn't this expected behaviour from Firefox? When invoking new copies
 it doesn't spawn an independent new instance, instead it connects to
 the already-running instance?

  I guess it's a security hole in a sense...

Steve
--