| 2007-11-01 12:51:17 |
pierz |
bug |
|
|
added bug |
| 2007-11-01 12:51:17 |
pierz |
bug |
|
|
added attachment 'Dependencies.txt' (Dependencies.txt) |
| 2007-11-01 12:51:17 |
pierz |
bug |
|
|
added attachment 'ExtensionSummary.txt' (ExtensionSummary.txt) |
| 2007-11-01 12:51:17 |
pierz |
bug |
|
|
added attachment 'pluginreg.dat.txt' (pluginreg.dat.txt) |
| 2007-11-01 12:51:17 |
pierz |
bug |
|
|
added attachment 'profiles.ini.txt' (profiles.ini.txt) |
| 2007-11-01 14:29:48 |
pierz |
title |
Firefox inherits ALL file descriptors when executing external apps (e.g. evince) |
Helper applications launched by Firefox inherit ALL file descriptors |
|
| 2007-11-01 14:45:36 |
pierz |
description |
Binary package hint: firefox
When Firefox starts up an external application (e.g. Evince) that application inherits ALL file descriptors open by Firefox - this is firstly a potentially large security hole (e.g. security files are also open like key3.db). Secondly it causes residual problems when Firefox (or a plugin like Flash) has opened the audio device - the audio descriptor is inherited and not closed till the spawned app is closed resulting in the audio device being useless till then. I came across this bug when trying to track down the apparent problem of audio lockout with evince - which is still listed as a bug on launchpad - https://bugs.launchpad.net/ubuntu/+source/evince/+bug/102408 - and on gnome: http://bugzilla.gnome.org/show_bug.cgi?id=371822 I think that these bugs are actually a result of this bug in Firefox
Firefox should follow standard procedures and shut all open file descriptors before execing helper apps.
ProblemType: Bug
Architecture: i386
Date: Thu Nov 1 12:35:08 2007
DistroRelease: Ubuntu 7.10
NonfreeKernelModules: nvidia
Package: firefox 2.0.0.8+2nobinonly-0ubuntu1
PackageArchitecture: i386
SourcePackage: firefox
Uname: Linux ballard 2.6.22-14-generic #1 SMP Sun Oct 14 23:05:12 GMT 2007 i686 GNU/Linux |
Binary package hint: firefox
When Firefox starts up an external application (e.g. Evince) that application inherits ALL file descriptors open by Firefox - this is firstly a potentially large security hole (e.g. security files are also open like key3.db). Secondly it causes residual problems when Firefox (or a plugin like Flash) has opened the audio device - the audio descriptor is inherited and not closed till the spawned app is closed resulting in the audio device being useless till then. I came across this bug when trying to track down the apparent problem of audio lockout with evince - which is still listed as a bug on launchpad - https://bugs.launchpad.net/ubuntu/+source/evince/+bug/102408 - and on gnome: http://bugzilla.gnome.org/show_bug.cgi?id=371822 I think that these bugs are actually a result of this bug in Firefox
Firefox should follow standard procedures and shut all open file descriptors before execing helper apps.
It appears this bug has been reported on the FireFox bugzilla but its not been fixed yet??
https://bugzilla.mozilla.org/show_bug.cgi?id=147659
ProblemType: Bug
Architecture: i386
Date: Thu Nov 1 12:35:08 2007
DistroRelease: Ubuntu 7.10
NonfreeKernelModules: nvidia
Package: firefox 2.0.0.8+2nobinonly-0ubuntu1
PackageArchitecture: i386
SourcePackage: firefox
Uname: Linux ballard 2.6.22-14-generic #1 SMP Sun Oct 14 23:05:12 GMT 2007 i686 GNU/Linux |
|
| 2007-12-11 18:51:06 |
Jamie Strandboge |
bug |
|
|
added subscriber Ubuntu Bugs |
| 2008-03-03 21:52:23 |
Kees Cook |
bug |
|
|
assigned to firefox |
| 2008-03-03 21:52:36 |
Kees Cook |
firefox: importance |
Undecided |
Low |
|
| 2008-03-03 21:52:36 |
Kees Cook |
firefox: status |
New |
Confirmed |
|
| 2008-03-04 10:51:06 |
Bug Watch Updater |
firefox: status |
Unknown |
Confirmed |
|
| 2010-08-28 02:32:59 |
Simon Déziel |
bug |
|
|
added subscriber Simon Déziel |
| 2010-09-15 16:13:53 |
Bug Watch Updater |
firefox: importance |
Unknown |
High |
|
| 2011-12-13 16:15:08 |
Jamie Strandboge |
removed subscriber Ubuntu Security Team |
|
|
|
| 2017-10-16 14:07:58 |
Bug Watch Updater |
firefox: status |
Confirmed |
Invalid |
|
