desktop-packages team mailing list archive

[Bug 1401454] Re: Thunderbird writes attachments to /tmp readable to everyone

 

As the discussion about this has been going on for 8 years in the Mozilla
community, I suggest at least setting permissions right in the distros.

For the moment, there is only one path (which is /tmp) and only the
original name is used. That said, concurrent users could overwrite
each other's temporary files. Setting permissions right would
avoid that in addition to solving the security problem. And it's still
better than allowing users to overwrite files of other users to avoid
error messages. Plus, privacy is an issue here as users can read private
files of other users.

On single user systems, there might not be a noticeable change to users.
So, what should it break? It's still not a perfect concept but a big
improvement in terms of security. The rest can be done later in a nice
fashion.

After setting permissions right in the distros you can still wait
another 8 years and see which solution the Mozilla community came up with.
Possibly we will see an importance change to 'high' in between (say 4 years
or so).

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to thunderbird in Ubuntu.
https://bugs.launchpad.net/bugs/1401454

Title:
  Thunderbird writes attachments to /tmp readable to everyone

Status in Mozilla Thunderbird Mail and News:
  Confirmed
Status in thunderbird package in Ubuntu:
  Confirmed

Bug description:
  When I open an attachment of an email in Thunderbird it gets written
  to disk with permission 644, so it is readable by everyone on the
  system.

  How to repeat: Open an E-Mail, Open an Attachment (e.g. google.png)

  $ cd /tmp; ls -lh
  -rw-r--r-- 1 theuser thegroup 2,4K Dez 11 10:39 google.png

  Instead, Thunderbird should write the file with permissions 600. Plus,
  to avoid conflicts between users, the file should be written into a
  directory per user, e.g. /tmp/theuser/google.png or another user
  specific temp directory.

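The behaviour the bug description asks for (mode 600, in a directory other users cannot write to), as an added example that is not Thunderbird's or Ubuntu's code. A fresh `mkdtemp()` directory stands in for the per-user directory, and the names `save_attachment`, `mode_of` and the `/tmp/attach-` prefix are assumptions.

```c
#define _XOPEN_SOURCE 700   /* for mkdtemp() and O_NOFOLLOW */
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Permission bits of path, or -1 if it cannot be examined. */
int mode_of(const char *path) {
    struct stat st;
    return lstat(path, &st) == 0 ? (int)(st.st_mode & 07777) : -1;
}

/* Store data as <fresh private dir>/<name> and write the full path to out.
 * Returns 0 on success, -1 on failure. */
int save_attachment(const char *name, const void *data, size_t len,
                    char *out, size_t outsz) {
    char dir[] = "/tmp/attach-XXXXXX";   /* hypothetical prefix */
    int fd = -1, ok;
    /* The sender chooses the name: accept a bare file name only. */
    if (!*name || strchr(name, '/') || !strcmp(name, ".") || !strcmp(name, ".."))
        return -1;
    if (mkdtemp(dir) == NULL)            /* unique directory, created 0700 */
        return -1;
    /* O_EXCL refuses an existing file, O_NOFOLLOW a symlink; 0600 = owner only. */
    if ((size_t)snprintf(out, outsz, "%s/%s", dir, name) < outsz)
        fd = open(out, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
    if (fd < 0) {
        rmdir(dir);
        return -1;
    }
    ok = write(fd, data, len) == (ssize_t)len;
    if (close(fd) != 0 || !ok) {
        unlink(out);
        rmdir(dir);
        return -1;
    }
    return 0;
}

int main(void) {
    char path[256];
    const char body[] = "constructed sample bytes";
    if (save_attachment("google.png", body, sizeof body - 1, path, sizeof path))
        return 1;
    printf("%s mode %o\n", path, (unsigned)mode_of(path));
    return 0;
}
```

Because every call gets its own 0700 directory, two users (or two messages) opening an attachment with the same name never collide, and the original file name survives for the helper application.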