Valent Turkovic: >>> If a browser shows a message that it has some plugin missing and >>> offers some bar that you click on any user clicking on it would expect >>> to do what it says. Tim: >> If it's possible to do an install with administrative permission, it >> should do it. "Enter root password, now, to install this." Ian Malone: > Actually, I don't want my browser to ask me for a root password. I agree that it's a bit of a worry to have a browser ask you for that, but you do need to have some *initial* system that stops all users from begin able to install through a browser unless the admin allows that. Otherwise systems that need to be secure, aren't, by default. Then, after that point, it's a case of: * Is it a once off decision to allow it, then users can do anything they like ever more. * The admin permission is required for some things but not others (e.g. allow flash installs on demand but nothing else). * All installs require admin permissions, each time. At it's simplest level that kind of thing can be done with something like a root owned /etc/firefox.conf file with parameters. For example, something like: [allow] #flash #all [deny] #flash #mplayer-plugin all [permissions] prompt #noprompt -- [tim@bigblack ~]$ uname -ipr 2.6.22.1-41.fc7 i686 i386 Using FC 4, 5, 6 & 7, plus CentOS 5. Today, it's FC7. Don't send private replies to my address, the mailbox is ignored. I read messages from the public lists. -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list