
Issue 819582

Starred by 1 user

Issue metadata

Status: Assigned
Owner:
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux, Windows, Mac
Pri: 2
Type: Bug




Cancelled downloads of guest user can be retrieved by regular user or new guest

Reported by rahsha...@gmail.com, Mar 7 2018

Issue description

UserAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.146 Safari/537.36

Steps to reproduce the problem:
1. Open guest mode
2. Keep something to download
3. Pause the download
4. Press close button of guest tab
5. Now an alert window pops up which asks whether to continue or cancel the download. Press cancel download. Now the guest session is closed.
6. Open guest mode again and go to downloads in the dropdown menu at the top right corner. Now we can see the paused download, which can be resumed.

What is the expected behavior?
The continue or cancel ongoing download should cancel and remove the ongoing download before closing the guest mode.

What went wrong?
The alert tab does nothing when "cancel download" is pressed by the guest user. It just closes the guest mode but the ongoing download still persists. This file of the guest can be retrieved later on by a regular user or a new guest by just opening a new guest mode and going to downloads from the dropdown menu at the top right corner.

Did this work before? N/A 

Chrome version: 65.0.3325.146  Channel: stable
OS Version: 10.0
Flash Version: 

A downloaded file from a regular user/incognito/guest will stay on the computer. But this case is different, where the guest cancels (maybe even a confidential file) by pressing cancel download. Thus he can't see the file in the local directory. But a new user can continue the download and access the file. Not a remote security issue, still severe!!!

Attachment: downla.JPG (21.5 KB)
Components: UI>Browser>Downloads
Labels: -Type-Bug-Security -Restrict-View-SecurityTeam Type-Bug
Thanks for the report! For the reasons outlined in https://chromium.googlesource.com/chromium/src/+/master/docs/security/faq.md#Why-arent-physically_local-attacks-in-Chromes-threat-model we don't treat physically local attacks as vulnerabilities, but this does still sound like a bug.
Labels: Needs-Triage-M65
Thanks for the response!
In https://chromium.googlesource.com/chromium/src/+/master/docs/security/faq.md#Why-arent-physically_local-attacks-in-Chromes-threat-model, to mitigate risks from people who have physical control over your computer, in certain circumstances,
bullet #2 has "For guests, Chrome OS has a built-in Guest account for this purpose."
But the above-mentioned bug resides in the guest account.


Attachment: guesta.JPG (155 KB)
Cc: sindhu.chelamcherla@chromium.org
Labels: Target-67 Triaged-ET M-67 FoundIn-67 OS-Linux OS-Mac
Status: Untriaged (was: Unconfirmed)
Able to reproduce this issue on reported version 65.0.3325.146 and on latest canary 67.0.3364.0 using Windows 10, Mac 10.13.3 and Ubuntu 14.04 with steps mentioned in comment#0.

This issue is seen from M-60. Hence considering this issue as Non-Regression and marking as Untriaged.

Thanks!
Can be reproduced for authenticated downloads too. For example, a guest user's Gmail attachment files can be resumed by opening a new guest mode.

Thanks.
Owner: shaktisahu@chromium.org
Status: Assigned (was: Untriaged)
Hi, anybody following this thread?
The bug still exists in the latest Version 69.0.3497.23 (Official Build) beta (64-bit).
It may cause privacy and security issues for users who are using a public system in guest mode, like in a library.
