[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Tunnel iceweasel?

> Hi, the issue here isn't the speed

Well, you mentioned "it takes forever", so I thought I'd help you with
speed as well:).

>  and besides, i prefer to have it
>  directly connected to my Xserver, rather than runnign in VNC.

Me too, but for me a direct X connection is simply to slow.

>  The point here isn't eh startup time though, it's that it starts a local
>  iceweasel!
>  In trying to build FF from source on my new 64 bit machine i
>  accidentally wound up with a ff3 beta, but running that now also opens
>  iceweasel.
>  Somehow the binary has managed to associate EVERYTHING with itself.
>  The real thing that does my head in is when i launch FF on another box..
>  it still creates a local iceweasel? this should happen AFAIK..

I know, and I'm often annoyed by it as wel.

>  starting a command on that box via should not be able to cause commands
>  to be run on my local?

It is trying to be helpfull, of cource. When I click on a link in an
email, I'd want the page to appear in my already running firefox
session. So it always checks to see if a firefox session is running on
the X display, and if so, it will instruct that firefox session to
display the page.

>  Does this constitute a security issue? i'll see if i can get a PoC
>  during the week, even if one couldn't get arbitrary code, one could
>  still point the new iceweasel on the host machine to a site witha FF
>  exploit.

If you allow a sever to connect to your X display, you allow it to
view all keypresses, what programs are running, what your display
looks like, etc. As far as I know, the only way to avoid that is,
well, to use for example VNC:).

It's not a Firefox problem anyway, it's the way X was designed.

Reply to: