Bug#410671: iceweasel: firefox leaks filehandles to external applications

[Mike Hommey]

tag 410671 - unreproducible wontfix
thanks

On Sun, Oct 02, 2011 at 03:18:07PM +0200, Marc Lehmann wrote:
> On Sun, Oct 02, 2011 at 01:20:34PM +0200, Jörg Sommer <joerg at alea.gnuu.de> wrote:
> > how about using O_CLOEXEC when opening files or sockets?
> 
> there is no such flag for sockets, nor pipes, but indeed, linux has
> recently acquired such interfaces, but they are not portable.
> 
> fcntl F_SETFD of course works, as well as simply closing all fds not known to
> be needed.

See the upstream bug as to why it may or may not possible to use these.

> I also checked it with firefox 6, and the problem persists - now firefox even
> has handles for sqlite files open, as well as having lots of sockets and
> pipes:
> 
>    *sh-4.1# ls -l /proc/self/fd
>    total 0
>    lrwx------ 1 root root 64 Oct  2 15:16 0 -> /dev/pts/7
>    lrwx------ 1 root root 64 Oct  2 15:16 1 -> /dev/pts/7
>    lr-x------ 1 root root 64 Oct  2 15:16 10 -> pipe:[10284]
>    l-wx------ 1 root root 64 Oct  2 15:16 11 -> pipe:[10284]
>    l-wx------ 1 root root 64 Oct  2 15:16 16 -> /localvol/root/.mozilla/firefox/c4h3tlpc.default/.parentlock
>    lrwx------ 1 root root 64 Oct  2 15:16 2 -> /dev/pts/7
>    lr-x------ 1 root root 64 Oct  2 15:16 20 -> pipe:[9372]
>    l-wx------ 1 root root 64 Oct  2 15:16 21 -> pipe:[9372]
>    lr-x------ 1 root root 64 Oct  2 15:16 22 -> pipe:[5052]
>    l-wx------ 1 root root 64 Oct  2 15:16 23 -> pipe:[5052]
>    lr-x------ 1 root root 64 Oct  2 15:16 24 -> pipe:[5053]
>    l-wx------ 1 root root 64 Oct  2 15:16 25 -> pipe:[5053]
>    lr-x------ 1 root root 64 Oct  2 15:16 26 -> /dev/urandom
>    lr-x------ 1 root root 64 Oct  2 15:16 3 -> pipe:[10718]
>    lr-x------ 1 root root 64 Oct  2 15:16 30 -> pipe:[5057]
>    l-wx------ 1 root root 64 Oct  2 15:16 31 -> pipe:[5057]
>    lrwx------ 1 root root 64 Oct  2 15:16 35 -> /localvol/root/.mozilla/firefox/c4h3tlpc.default/cookies.sqlite-shm
>    lr-x------ 1 root root 64 Oct  2 15:16 4 -> /dev/null
>    lr-x------ 1 root root 64 Oct  2 15:16 41 -> pipe:[5059]
>    l-wx------ 1 root root 64 Oct  2 15:16 42 -> pipe:[5059]
>    lrwx------ 1 root root 64 Oct  2 15:16 47 -> /localvol/root/.mozilla/firefox/c4h3tlpc.default/places.sqlite-shm
>    l-wx------ 1 root root 64 Oct  2 15:16 5 -> pipe:[10718]
>    lrwx------ 1 root root 64 Oct  2 15:16 58 -> socket:[11443]
>    lrwx------ 1 root root 64 Oct  2 15:16 59 -> socket:[10711]
>    lr-x------ 1 root root 64 Oct  2 15:16 6 -> /proc/2267/fd
>    lrwx------ 1 root root 64 Oct  2 15:16 60 -> socket:[9696]
> 
> Also, to the guy who tagged this as unreproducible: you haven't tried it
> out, because its clearly reproducible in all versions since then. shame on
> you for tagging this as unreproducible without verifying it.
> 
> And to the guy who tagged this wontfix, this is a security bug. Whats the
> deal with debian not caring about obvious security bugs anymore? Do you
> know need a cert advisory to accept a security issue or what? Shame on you
> too.

It was tagged as unreproducible and wontfix before it was reassigned and
merged to an existing bug in iceweasel. This is merely a side effect of
the lack of feedback from the bug tracking system when a bug is
reassigned and merged.

Check your facts before calling names.

Mike