Bug 82324 - mozilla-xremote-client ran as root targets non-root mozillas
Summary: mozilla-xremote-client ran as root targets non-root mozillas
Alias: None
Product: Red Hat Raw Hide
Classification: Retired
Component: mozilla
Version: 1.0
Hardware: i686
OS: Linux
Target Milestone: ---
Assignee: Christopher Blizzard
QA Contact: Ben Levenson
Depends On:
TreeView+ depends on / blocked
Reported: 2003-01-21 09:58 UTC by Luca Barbieri
Modified: 2007-04-18 16:50 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2003-01-24 15:20:31 UTC

Attachments (Terms of Use)

Description Luca Barbieri 2003-01-21 09:58:05 UTC
Description of problem:
When mozilla-xremote-client is ran as root and a mozilla process owned by a
non-root user exists, it will be incorrectly targeted

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. Run `mozilla` as a normal user
2. Run `mozilla` as root

Actual Results:
The opened window belongs to a process belonging to the normal user

Expected Results:
The opened window should belong to a process owned by root

Comment 1 Christopher Blizzard 2003-01-21 18:39:16 UTC
Mozilla should figure out the name of the profile being used using the LOGNAME
env variable.  Is LOGNAME different for root and your username?  Also, is the
user set on the window?  Run this command and click on the mozilla window:

_MOZILLA_USER(STRING) = "blizzard"

Comment 2 Luca Barbieri 2003-01-24 08:36:28 UTC
LOGNAME is the same because I used `su` to become root and it does not change

Why is the login name being used rather than the euid?
This causes the execution of `mozilla` to differently depending on whether there
is already another instance: in there is, it will be run with the login user
privilege, and otherwise with the euid ones (root in this case).

Imho this should be changed.

Comment 3 Christopher Blizzard 2003-01-24 15:18:01 UTC
Because two people on two seperate systems can have the same logical name but
two different UIDs.  There are UID mapping daemons that do this.  LOGNAME is
actually more reliable.

Comment 4 Christopher Blizzard 2003-01-24 15:20:31 UTC

Note You need to log in before you can comment on or make changes to this bug.