[prev in list] [next in list] [prev in thread] [next in thread]
List: privoxy-developers
Subject: [privoxy-devel] [ ijbswa-Bugs-1998394 ] Uninstaller Missing Files
From: "SourceForge.net" <noreply () sourceforge ! net>
Date: 2008-06-25 13:26:30
Message-ID: E1KBV14-0004rP-1u () 155xhf1 ! ch3 ! sourceforge ! com
[Download RAW message or body]
Bugs item #1998394, was opened at 2008-06-20 01:40
Message generated for change (Settings changed) made by fabiankeil
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=111118&aid=1998394&group_id=11118
Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: other
Group: version 3.0.8
Status: Open
Resolution: None
Priority: 5
Private: No
Submitted By: Nobody/Anonymous (nobody)
> Assigned to: Gerry Murphy (gjmurphy)
Summary: Uninstaller Missing Files Poses Security Risk
Initial Comment:
When you uninstall Privoxy 3.0.8 it leaves the following files and registry keys \
behind! (Tested using: Piriform's Ccleaner)
Temporary files (Contains the Privoxy Uninstaller!) :
C:\documents and settings\USERNAME\Local Settings\Temp\~nsu.tmp
Registry Traces:
MUI Cache
HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache
With the following values:
C:\program files\privoxy\privoxy.exe (Privoxy Program)
C:\program files\privoxy\privoxy_uninstall.exe (Privoxy Uninstaller)
C:\documents and settings\USERNAME\Local Settings\Temp\~nsu.tml (Privoxy Uninstaller)
Fixing this bug allows the user to fully uninstall Privoxy without leaving any traces \
of it behind. The MUI Cache list the most recently ran programs, which could be a \
security vulnerability!
My System Information:
Windows XP Home Edition SP2
Please contact me (Rhett Trappman) at computerguy12056@cs.com
P.S.
It would be nice to have the option when uninstalling to save the configuration \
files, block lists, and other settings!
----------------------------------------------------------------------
> Comment By: Fabian Keil (fabiankeil)
Date: 2008-06-25 13:26
Message:
Logged In: YES
user_id=875547
Originator: NO
I'm not familiar with the installer used on Windows,
and given that it's developed outside of the Privoxy
project, I'm not sure if its behavior can be easily
changed.
Lets see what the current maintainer of the
Windows builds has to say about this.
I still don't see this as a security vulnerability, though.
----------------------------------------------------------------------
Comment By: Nobody/Anonymous (nobody)
Date: 2008-06-21 14:58
Message:
Logged In: NO
I think this is a security vulnerability because, it shows the programs
that were run in the registry (history / recently ran programs)!
And why did the installer need temporary and program files storage?
----------------------------------------------------------------------
Comment By: Fabian Keil (fabiankeil)
Date: 2008-06-20 04:51
Message:
Logged In: YES
user_id=875547
Originator: NO
Thanks for the report.
Why do you think this is a security vulnerability?
----------------------------------------------------------------------
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=111118&aid=1998394&group_id=11118
-------------------------------------------------------------------------
Check out the new SourceForge.net Marketplace.
It's the best place to buy or sell services for
just about anything Open Source.
http://sourceforge.net/services/buy/index.php
_______________________________________________
Ijbswa-developers mailing list
Ijbswa-developers@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ijbswa-developers
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic