You are here

2.0.0.6 / newmsg / security risk

3 posts / 0 new
Last post
v4ixapdbm
Offline
Last seen: 16 years 6 days ago
Joined: 2007-06-20 17:15
2.0.0.6 / newmsg / security risk

I have discovered that, while downloading new messages, there is a file "newmsg" that is saved on the hard drive in the current user's temp directory (\Documents and Settings\[user]\Local Settings\Temp\). It seems to be a placeholder for the current message being downloaded. When the message is downloaded, "newmsg" is removed and apparently imported into the Thunderbird mailbox. then, "newmsg" is recreated for the next incoming message. I have opened up the "newmsg" file in Notepad, and it is the full e-mail, headers and all!

This side-effect is directly related to the setting in Tools -> Options -> Privacy -> Anti-virus -> Allow anti-virus clients to quarantine individual messages. If the setting is disabled, newmsg is not created. Also, individual messages cannot be scanned by the anti-virus, which means entire mailboxes could potentially be deleted by the anti-virus client.

If an adversary gets access to the hard drive from the computer that Portable Thunderbird was run from, it might be easy to recover the contents of all of the "newmsg" files. Seems like a huge security risk.

The solution to this is to store "newmsg" locally on the USB flash drive Portable Thunderbird is running from. So far, I have not found a way to change where "newmsg" is put. I propose that the location of "newmsg" be configurable with a setting in the config editor (about:config) or elsewhere so we may put it locally on the USB flash drive Thunderbird Portable is running from. Or, as a feature of Portable Thunderbird, force "newmsg" to be created locally on the USB flash drive. Etc...

Also, what other personally identifiable files are put on the hard drive? If there are more, these also need to be addressed so they are put on the USB flash drive.

Thank you.

John T. Haller
John T. Haller's picture
Offline
Last seen: 5 hours 15 min ago
AdminDeveloperModeratorTranslator
Joined: 2005-11-28 22:21
Not Portable

This setting is NOT PORTABLE. It is off by default and should remain so. The setting is designed for a LOCALLY installed antivirus to be able to scan individual messages as they come in. It serves no purpose in a portable environment at all.

If you want something additional in Thunderbird's about:config, post a note to bugzilla.mozilla.org, not here.

This has absolutely no bearing at all on a whole mailbox being deleted as the same thing applies even when you enable this (there could be a virus sitting in a folder that's suddenly found by a new virus update that comes in). Any antivirus product that's even worth having can handle individual messages in an mbox mail store (what Thunderbird uses).

Sometimes, the impossible can become possible, if you're awesome!

strider_mt2k
strider_mt2k's picture
Offline
Last seen: 13 years 4 months ago
Joined: 2006-02-15 12:35
Or use a web based solution

I try to stick with web-based solutions where I can.

Log in or register to post comments