possible firefix security problem??
Running relatively up-to-date Debian sarge system.
Followed a link to a rater nice site, www.irateradio.com
It runs a Java applet that
(1) downloads some random music files
(2) plays them and allows you to rate them
(3) compares your ratins with the ratings others provided in its
database so as to download files you actually might like next time
And, indeed, it does this quite nicely.
Now I thought I might like to keep one of these tracks. After findiing
no gadgets anywhere to ask it so store these things on my hard disk
somewhere, I start doind ls *.mp3 in various directories, and discover
that it has created a ~/irate/download/ directory and has stuffed its
downloads there.
The trouble is, I don't recall ever giving it permission to store
anything on my hard disk (except cookies), nor telling it where to put
them (which is what firefox usually asks me when it starts a download).
And the java applet was, as far as I could see, started within the
browser.
Now I ask you. What security policy could Firefox be following that
would allow this and prevent some wild application from putting junk all
over my hard drive? Can I ever run Firefox again?
-- hendrik
Reply to: