Bug 287339 - Eclipse SDK Classic (Mac Cocoa 64bit) -- Problem loading plugins/features when not owner of /Applications/eclipse/ -> security issue
Summary: Eclipse SDK Classic (Mac Cocoa 64bit) -- Problem loading plugins/features whe...
Status: CLOSED DUPLICATE of bug 301226
Alias: None
Product: Equinox
Classification: Eclipse Project
Component: Framework (show other bugs)
Version: 3.5   Edit
Hardware: Macintosh Mac OS X - Carbon (unsup.)
: P3 critical (vote)
Target Milestone: ---   Edit
Assignee: equinox.framework-inbox CLA
QA Contact:
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2009-08-21 16:30 EDT by fkafka CLA
Modified: 2010-04-14 15:48 EDT (History)
3 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description fkafka CLA 2009-08-21 16:30:42 EDT 
Build ID: I20090611-1540

Steps To Reproduce:
1. Log in as an administrator
2. Download eclipse-SDK-3.5-macosx-cocoa-x86_64.tar.gz
3. Unpack the archive
4. Move the resulting folder 'eclipse' into folder /Applications

5. Start eclipse
6. Avtivate 'Classic Update' in preferences (capabilities)
7. Go to 'Product Configuration' (Menu 'Help', item 'Software Updates', sub-item 'Manage Configuration...')
8. You see that the 'Eclipse Project SDK 3.5.0...' was loaded correctly
9. Quit Eclipse
10. Log out

11. Log in as a non administrator
12. Start eclipse
13. Avtivate 'Classic Update' in preferences (capabilities)
14. Go to 'Product Configuration' (Menu 'Help', item 'Software Updates', sub-item 'Manage Configuration...')
15. Some of the items beneath 'Eclipse Project SDK 3.5.0...' were not loaded correctly (red flag with white cross on their symbols: 'Eclipse CVS Client Resources ...', 'Eclipse Help Developer Resources ...', 'Eclipse JDT Plug-In Developer Resources ...', 'Eclipse PDE Plug-In Developer Resources ...', 'Eclipse Platform Plug-In Developer Rsources ...')
16. Quit Eclipse

17. Change owner of the folder /Applications/eclipse to the non administrative account you are in (sudo chown -R non_admin /Applications/eclipse)
18. Do the check for correct loading of the plugins/features again -> all ok
19. Change owner of the eclipse folder back to the administrative account (sudo chown -R admin /Applications/eclipse)
20. Redo the check -> some plugins/features not loaded correctly

21. Altermative: Make /applications/eclipse (and all sub-items recursively) writable for the group that the non administrative account belongs to -> all plugins/features loaded correctly

22. It's a security issue when you can use some software for day-to-day work only with administrator privileges -- even when windows users (and developers of windows software) think it would be a fundamental law that a simple user account needs administrator privileges

More information:
MacPro 2x2.8GHz, 4GByte RAM
Mac OS 10.5.8 (latest updates installed)
Comment 1 Remy Suen CLA 2009-08-21 19:41:10 EDT 
Some kind of a bundle resolution problem maybe?
Comment 2 Paul Webster CLA 2009-08-24 07:45:55 EDT 
Did you run the multi-user steps?  These are necessary to set up a common eclipse install (by root in linux, for example) that all the other users can use.

http://help.eclipse.org/galileo/index.jsp?topic=/org.eclipse.platform.doc.isv/reference/misc/multi_user_installs.html

PW
Comment 3 Thomas Watson CLA 2010-04-14 15:48:42 EDT 
This is related to the fact that the framework would launch even though the user does not really have write access to the configuration folder.  This has been fixed by bug 301226.  Dupping.

*** This bug has been marked as a duplicate of bug 301226 ***