Pardon me for being pedantic here. On Thu, Apr 14, 2011 at 2:34 AM, suvayu ali <fatkasuvayu+linux@xxxxxxxxx> wrote: > Hi Joel, > > On Wed, Apr 13, 2011 at 5:56 AM, Joel Rees <joel.rees@xxxxxxxxx> wrote: >> And we always su (if we do use su to do administrative tasks) from >> users that we never surf the web from, right? You understand why? >> > > I presume you are alluding to the possibility of the system being > affected by keyloggers (as you mention later in your post)? Keyloggers are an example. There are all sorts of malicious kinds of software that can be installed via vulnerabilities in Flash. There are more vulnerabilities than are known, and there are more known by those who would keep them secret and use them to their own purposes than by those who would help fix them. >> Does that explain why I'm saying you don't want Flash loading every >> time you run your web browser as any user? >> > > How does this change when flash is installed as the regular user? >From what I said about not using su or sudo when logged in to an account you surf the web from, you understand that I mean that the user does not even use su or sudo to do the final step of copying flash where it goes? The steps I gave, to move the downloaded tarball to the home directory via the graphical file manager start a shell in a terminal session and do this: ----------------- cd .mozilla/plugins tar xzf ~/Desktop/<flash-tarball-name.tar.gz> ----------------- put the Flash plugin file in /home/<username>/.mozilla/plugins , not in any system-wide file, not in any directory accessible to any other user. That means that flash will not even run for any other user. Well, you can install flash in other users' .mozilla/plugins directories if you want, of course, but only the users which have the flash specifically installed will be able to run flash. > Irrespective of how flash was installed, whatever vulnerabilities it > introduces will be limited to the account that is using it. Isn't that > correct? Uhm. Actually, unfortunately, not necessarily. There have been vulnerabilities that don't require setuid execution to escalate privilege. Of course, with such vulnerabilities, the local installation is not a high wall, but even low walls can help a little. But you see that is not what I'm targeting with this recommendation. >>> vulnerabilities in the >>> plugin can _only_ affect the regular user. >> >> There are many paths to exploits besides things directly running in >> the instance of the web server (with plugins) which you are currently >> running. Tricks like leaving keyloggers and trojans behind, in places >> where they get executed the next time you log in instead of now. >> >> So a Flash exploit lets the bad guys leave a keylogger in your surfing >> account. That's not good (and in some senses it's a ticking time >> bomb), but at least it isn't as bad as it could be. > > How does (not-)installing flash as root affect any of the above? What > you are talking about above is something everyone should be mindful of > when surfing the Internet irrespective of whether they are using flash. > > I still fail to see how installing flash as the regular user is saving > the user from any vulnerabilities which he/she would be otherwise prone to. Well, for all that, ideally, one would never surf the web as an admin class user, many packages have their documentation in HTML. The docs contain links to the project website. And even if the project website is clean, it often has advertising (often in Flash, no less), and links to other places which may or may not be properly administered. It's all too easy for even the most cautious admin user to get drawn out on the general web, and not having flash installed in the general browser puts up more walls that the intruder has to get through. And then there's the bank's website and the queston of whether flash should be enabled in the browser you are typing your bank password in, etc. It's not a really high wall, but it is a way to put another wall between the user's important data and the intruder, provide some more buffer against social engineering and user error, etc. -- Joel Rees -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
