On Mon, Jan 14, 2013 at 10:48 AM, Nelson Strother <xunilarodef@xxxxxxxxx> wrote: > .1-1.fc17.i686 > still allows applets to run. Only after killing and restarting the browser > (Firefox; kill rather than close, so that all of the open tabs can be > Restored) does loading a page containing an applet lead to: > A plugin is needed to display this content. Please, Nelson, upgrade your browser. Firefox 18 -afaik I´ve only tested on Windows- includes a new security mechanism that prevents any plug-in content from running, on a per-site basis, until you explicitely authorize it with a click (not only the JRE or Icedtea plug-in but all plug-ins, including of any pdf reader). Plus, on my Windows systems, Firefox automagically disabled the Java plug-in (not sure about Icedtea, but it checks Sun JRE builds) when it detected I had Java 1.7.0 u10, but re-enabled it automagically when it detected I had Java7u11, which solves the issues. Perhaps if Firefox does the same with the Sun JRE plug-in, it could do the same for insecure -if any- Icedtea builds?. Anyone knows if it currently manages Icedtea as well?. On a side note, the Sun/Oracle J7U11 browser plug-in no longer runs unsigned or self-signed web applets automatically, making so-called "zero click" attacks impossible. Perhaps IcedTea could do the same?. FC -- During times of Universal Deceit, telling the truth becomes a revolutionary act Durante épocas de Engaño Universal, decir la verdad se convierte en un Acto Revolucionario - George Orwell -- java-devel mailing list java-devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/java-devel
