Re: Re (2): Configuring Iceweasel security policies.
On 13/06/11 09:14, peasthope@shaw.ca wrote:
> From: Scott Ferguson <prettyfly.productions@gmail.com>
> Date: Sun, 12 Jun 2011 20:20:17 +1000
>> Stepping through what you've described above...
>>
<snipped>
>> You saved the page to "storage of Dalton".... presumably "storage" is
>> somewhere below /home/peter....
>>
>> eg.:-
>> home/peter/"Peter Lyall Easthope.html"
>
> Here I stored it as /home/peter/Desktop/index.html. The choice of name
> doesn't change the phenomenon being demonstrated.
Exactly! :-)
>
> We're dealing with two pages. There is the "primary" page containing
> the Web link. Then there is the page Category2.html which is target of
> the link in the primary page. Category2.html is always local. I can
> open Category2.html when the primary page is local. Not when the primary
> page is remote.
Yes! That is how I understand this to work.
>
>> You then say that the link works (I don't disbelieve you)- but that link
>> is pointing at the root of Dalton, not the root of Peters home directory....
>> So "something" I'm assuming in the above scenario is not correct.
>
> Yes. There is a filesystem soft link as we discussed a day or two back.
Ah - thank you for the clarification.
[blinking] It's all coming back to me now....
> peter@joule:~$ sudo ln -s /home/peter/Category2.html /Category2.html
> peter@joule:~$ ls -l /C*
> lrwxrwxrwx 1 root root 23 Jun 12 13:16 /Category2.html -> /home/peter/Category2.html
> The filesystem and the Web both having "links" is a possible source of
> confusion.
Partially.
I bring my own confusion.
I don't like to turn up empty handed ;-p
<snipped>
> The final observation is that there should be a way to open
> file:///blah.html, regardless of where the link resides.
In a perfect world.... ;-p
(see my final comments)
> At present
> I can open it only with a link in a local page. The link on a remote
> server, targetting file:///blah.html, produces only the error message
> from Iceweasel.
Yes - that is as it should be. A web page should only be able to load a
file from within it's *purview*. So a http link should point to
somewhere within the root of the web server (eg. /var/www or
~/public_html), and a file link should point to somewhere on the same
machine the link is served from (think of the authentication).
> file:///<name> is always an absolute file name on the
> local machine
Where "local machine" means the machine the page holding the link is
loaded on (where Iceweasel is running).
> isn't it? Is there a syntax for a non-local file:///<name>?
Not unless you can load a network protocol with a page link. I am unable
to categorically say that is not possible - *perhaps someone
knowledgeable could advise* (it may be trivial).
> Logically, that should not be necessary, but it might help with
> troubleshooting.
>
> Hopefully the failure of the non-local case is just a security default
> which can be overridden. Otherwise it's a bug in Iceweasel.
With my limited understanding of the network security issues - I doubt
it's a bug.
>
>> Cheers, and thanks for your patience.
>
> Thanks for your patience. The thread is becoming stale and
> there are too many small digressions. A fresh description of the
> problem with new names might help ... except that everyone must be
> fed up with it by now.
>
> Regards, ... Peter E.
>
>
>
To clarify - is it only you that needs to be able to use this file link??
If so - would you only be accessing it from Dalton (or where)??
There are other ways (java, a local monkey server, etc) that might be
used to solve this problem.
Cheers
--
We all pay for life with death, so everything in between should be free.
~ Bill Hicks
Reply to: