Re: Risk of using Iceweasel / firefox

To: debian-user@lists.debian.org
Subject: Re: Risk of using Iceweasel / firefox
From: John Hasler <jhasler@debian.org>
Date: Thu, 01 Nov 2007 18:19:16 -0500
Message-id: <[🔎] 87d4uto8p7.fsf@toncho.dhh.gt.org>
In-reply-to: <[🔎] 20071101221644.GB7991@titan.hooton> (Douglas A. Tutty's message of "Thu\, 1 Nov 2007 18\:16\:44 -0400")
References: <95455e980710281902h75546f52pfc5f6630cdf4fa64@mail.gmail.com> <20071031005707.GA2437@box> <[🔎] 95455e980710311905p141f49c4g1e5e4665c3fc0640@mail.gmail.com> <[🔎] 20071101021845.GA8078@titan.hooton> <[🔎] 20071101025236.GA16704@localhost> <[🔎] 20071101033145.GE29856@localhost.localdomain> <[🔎] 20071101035432.GA21242@localhost> <[🔎] 4729BE8E.7010000@cox.net> <[🔎] 20071101130816.GA6599@titan.hooton> <[🔎] 87fxzq6l3c.fsf@toncho.dhh.gt.org> <[🔎] 20071101221644.GB7991@titan.hooton>

Doug writes:
> It would only be a security issue if the permissions on your home
> directory and/or the execs themselves allowed others to execute them.

I wrote:
> A buggy application (buffer overflow in Firefox...) or an evil bit of
> JavaScript could be used by a "virus" to install a trojan in $HOME/bin.

Doug writes:
> If Iceweasel is such a security risk...

I did not mean to imply that Firefox is especially insecure.  It's just an
example.
-- 
John Hasler

Reply to:

Follow-Ups:
- Re: Risk of using Iceweasel / firefox
  - From: hce <webmail.hce@gmail.com>

References:
- Re: GLIBC_2.4
  - From: hce <webmail.hce@gmail.com>
- Re: GLIBC_2.4
  - From: "Douglas A. Tutty" <dtutty@porchlight.ca>
- Re: GLIBC_2.4
  - From: Ken Irving <fnkci@uaf.edu>
- Re: GLIBC_2.4
  - From: Andrew Sackville-West <andrew@farwestbilliards.com>
- Re: GLIBC_2.4
  - From: Ken Irving <fnkci@uaf.edu>
- Re: GLIBC_2.4
  - From: Ron Johnson <ron.l.johnson@cox.net>
- Re: GLIBC_2.4
  - From: "Douglas A. Tutty" <dtutty@porchlight.ca>
- Re: GLIBC_2.4
  - From: John Hasler <jhasler@debian.org>
- Risk of using Iceweasel / firefox [Was Re: GLIBC_2.4]
  - From: "Douglas A. Tutty" <dtutty@porchlight.ca>

Prev by Date: Re: Mouse + curses (+ vim), was Re: Apt-Get or Aptitude
Next by Date: Re: Risk of using Iceweasel / firefox [Was Re: GLIBC_2.4]
Previous by thread: Risk of using Iceweasel / firefox [Was Re: GLIBC_2.4]
Next by thread: Re: Risk of using Iceweasel / firefox
Index(es):
- Date
- Thread