Robert Kaiser wrote:
> [EMAIL PROTECTED] wrote:
>> In https://bugzilla.mozilla.org/show_bug.cgi?id=258875 I propose making
>> the text control in a file input be readonly. This will prevent various
>> kinds of spoofing attacks, but it may affect usability. Any
>> objections/counterproposals?
>
> Actually, I also like being able to do what heikki wrote in a different reply... I guess the security concern is automatically entering a file name in the box with a script - what about inventing something that manual editing by the user is possible but automated changes via a script aren't, if that's possible at all? Requiring something with chrome privs (file dialog, eventually routing keyboard input and mouse/keyboard pasting through something setting those) to change the content of the field?

Actually, it isn't. Currently web pages *can't* change the value of a file upload control without the UniversalFileRead privilege.

> It's sometimes quite practical to copy the path from somewhere (other app or other file control) and just paste it into the file control, eventually changing a letter or number there manually afterwards... If we just can make sure the user did the action himself and not had some page-bound script doing it, then we should be fine, I think...

See https://bugzilla.mozilla.org/attachment.cgi?id=17860 from bug 57770 (https://bugzilla.mozilla.org/show_bug.cgi?id=57770). The problem is that the *user* did all the interaction with the form, and still managed to attempt an upload of a system file (whether the code should be able to *read* the value is another question, but I suspect there is some long and silly history about allowing that).

--
James Ross <[EMAIL PROTECTED]>
ChatZilla Developer
_______________________________________________
Mozilla-security mailing list
[email protected]
http://mail.mozilla.org/listinfo/mozilla-security