Bug 87603
Opened 23 years ago
Closed 23 years ago
world-readable "formpost-*" files are created in /tmp
Categories
(Core :: Layout: Form Controls, defect)
People
(Reporter: antipode, Assigned: rods)
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux 2.4.5 i686; en-US; rv:0.9.1) Gecko/20010607
BuildID: 2001060713
When sending large POST data, Mozilla creates world-readable files in the /tmp
directory with the contents of the POST data, and does not remove the files
after the form is sent. For example:
-rw-rw-r-- 1 antipode antipode 13262 Jun 23 13:53 formpost-25
-rw-rw-r-- 1 antipode antipode 7644 Jun 24 09:29 formpost-26
-rw-rw-r-- 1 antipode antipode 970062 Jun 25 04:03 formpost-27
This is a serious security flaw.
Reproducible: Always
Steps to Reproduce:
1. Go to, for example, spamcop.net
2. Post a large message into the spam report area
3. Have a look at /tmp: there is a "formpost" file
Expected Results: 1. Not create the files in /tmp, but if it *does*, at least
protect them by using more restrictive permissions
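
The handling asked for under Expected Results (owner-only permissions, nothing left behind in /tmp), as an added example that is not Mozilla's code or the fix applied for this bug. The helper name `spool_post_body`, the `formpost-XXXXXX` template and the sample body are assumptions made for illustration.

```c
#ifndef _XOPEN_SOURCE
#define _XOPEN_SOURCE 700          /* expose mkstemp() under strict -std= modes */
#endif
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Spool a POST body to a private temp file under tmpdir (hypothetical helper).
 * On success returns an fd positioned at offset 0; the name is already
 * unlinked, so the data disappears when the fd is closed. `path` receives the
 * name that was used, for logging only. Returns -1 on error. */
int spool_post_body(const char *tmpdir, const void *body, size_t len,
                    char *path, size_t path_sz)
{
    int n = snprintf(path, path_sz, "%s/formpost-XXXXXX", tmpdir);
    if (n < 0 || (size_t)n >= path_sz) return -1;

    mode_t old = umask(077);       /* owner-only even if libc would ask for more */
    int fd = mkstemp(path);        /* O_CREAT|O_EXCL with an unpredictable name */
    umask(old);
    if (fd < 0) return -1;
    unlink(path);                  /* nothing is left behind in the directory */

    const char *p = body;
    while (len > 0) {              /* write() may be partial; loop until done */
        ssize_t w = write(fd, p, len);
        if (w <= 0) { close(fd); return -1; }
        p += w;
        len -= (size_t)w;
    }
    if (lseek(fd, 0, SEEK_SET) < 0) { close(fd); return -1; }
    return fd;
}

int main(void)
{
    const char body[] = "comment=constructed+sample+form+data"; /* constructed */
    char path[256];
    struct stat st;
    int fd = spool_post_body("/tmp", body, strlen(body), path, sizeof path);
    if (fd < 0 || fstat(fd, &st) != 0) { perror("spool_post_body"); return 1; }
    printf("%s mode=%04o still_listed=%d\n", path,
           (unsigned)(st.st_mode & 0777), access(path, F_OK) == 0);
    close(fd);
    return 0;
}
```

Because the name is unlinked before any form data is written, a crash between write and send leaves no readable file in the directory.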
Comment 2 (Reporter) • 23 years ago
Yes, this seems to be a duplicate of 15320.
The only thing is that it seems that 15320 implies that the problem exists only
for file uploads, but it also does for large <textarea> data.
Thanks.
*** This bug has been marked as a duplicate of 15320 ***
Status: UNCONFIRMED → RESOLVED
Closed: 23 years ago
Resolution: --- → DUPLICATE