© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
2eb648a
demo site
(Get the code!)
Message-ID: <email address hidden>
Date: Tue, 22 Nov 2005 13:21:03 +0100
From: Mike Hommey <email address hidden>
To: "S. Thommerel" <email address hidden>, <email address hidden>
Cc: <email address hidden>
Subject: Re: Bug#340284: mozilla-firefox: "su root -c firefox" gives root access to any other
firefox loaded.
severity 340284 normal
merge 340284 238533
thanks
On Tue, Nov 22, 2005 at 12:36:46PM +0100, S. Thommerel <email address hidden> wrote:
> Package: mozilla-firefox
> Version: 1.0.7-1
> Severity: critical
> Tags: security
> Justification: root security hole
>
>
>
> To reproduce this bug:
>
> su root and then load firefox from the term. Then launch firefox from
> another unrelated and normal user terminal. The newly launched firefox reads root's
> profile and gets root's rights.
>
> I normally have no rights to save anything in /usr/share with my user
> account. I used firefox as root to go and grab an icon for xfce4 that I
> could save in /usr/share/pixmaps. After that the download tab was the
> only remaining part of root's firefox.
> I loaded firefox (normal user account) and it didn't not show my normal
> homepage. I tried to save google's logo in /usr/share/pixmaps. It
> worked!!!
You ran your firefox from the same display, thus using the one that was
already on the display. It's a feature. It may be annoying, but not a
security problem : if you have a root mozilla/firefox on your display,
well, you already have root access.
If you'd try on another display (Xnest or whatever), you'd see running
firefox from there would bring a new instance.
Downgrading severity, and merging with duplicates.
Mike
>
>
>
>
> -- System Information:
> Debian Release: testing/unstable
> APT prefers testing
> APT policy: (500, 'testing')
> Architecture: i386 (i686)
> Shell: /bin/sh linked to /bin/bash
> Kernel: Linux 2.6.14
> Locale: LANG=C, LC_CTYPE=fr_FR (charmap=
>
> Versions of packages mozilla-firefox depends on:
> ii debianutils 2.15.1 Miscellaneous utilities specific t
> ii fontconfig 2.3.2-1 generic font configuration library
> ii libatk1.0-0 1.10.3-1 The ATK accessibility toolkit
> ii libc6 2.3.5-6 GNU C Library: Shared libraries an
> ii libfontconfig1 2.3.2-1 generic font configuration library
> ii libfreetype6 2.1.7-2.4 FreeType 2 font engine, shared lib
> ii libgcc1 1:4.0.2-2 GCC support library
> ii libglib2.0-0 2.8.3-1 The GLib library of C routines
> ii libgtk2.0-0 2.6.10-1 The GTK+ graphical user interface
> ii libidl0 0.8.5-1 library for parsing CORBA IDL file
> ii libjpeg62 6b-10 The Independent JPEG Group's JPEG
> ii libkrb53 1.3.6-5 MIT Kerberos runtime libraries
> ii libpango1.0-0 1.8.2-3 Layout and rendering of internatio
> ii libpng12-0 1.2.8rel-5 PNG library - runtime
> ii libstdc++6 4.0.2-2 The GNU Standard C++ Library v3
> ii libx11-6 6.8.2.dfsg.1-7 X Window System protocol client li
> ii libxext6 6.8.2.dfsg.1-7 X Window System miscellaneous exte
> ii libxft2 2.1.7-1 FreeType-based font drawing librar
> ii libxinerama1 6.8.2.dfsg.1-7 X Window System multi-head display
> ii libxp6 6.8.2.dfsg.1-7 X Window System printing extension
> ii libxt6 6.8.2.dfsg.1-7 X Toolkit Intrinsics
> ii psmisc 21.8-1 Utilities that use the proc filesy
> ii xlibs 6.8.2.dfsg.1-7 X Window System client libraries m
> ii zlib1g 1:1.2.3-4 compression library - runtime
>
> mozilla-firefox recommends no packages.
>
> -- no debconf information
>
>