Mozilla flaws could allow attacks, data access into Firefox & Mozilla web browsers!
Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Mozilla flaws could allow attacks, data access into Firefox & Mozilla web browsers!
Quote:
Mozilla flaws could allow attacks, data access!
Date: Monday, 18 April 2005
... could allow an attacker to install malicious code or steal personal data have been discovered in the Mozilla Suite and the Firefox open-source browser.
Details of the nine flaws were published on Mozilla's security Web site over the weekend.
1) since it was c-net's article, why not give them the credit, instead of linking through linux security, which just copied the article?
2) this backs the (inacurate) arguement that there is no such thing as a virus in linux, only shoddy permissions. The vulnerability in mozilla/firefox would be far more devistating to a windows user, especially one with admin rights (most any windows user). and far less could be accomplished by gaining regular-user access to a linux machine -- because nobody here runs as root regularly... --this, and the market share of windows means i expect more exploits to be written for a windows platform... giving me even less concern over this issue
in conclusion, go ahead and scream about it in a windows forum, but i don't think we need all the hype in here... maybe i'm a little too low-key, but i don't see this as a major threat. moreover, i get a kick out of how people have come running to me to tell me about security vulnerabilities they've heard exist in firefox (because i like to promote it to people, they like to share their experiences) --because somehow they never hear of problems with security with IE, or windows in general. i laugh at them, and try to polietly explain how vulnerabilities are a fact of life, and always will be.
Originally posted by secesh 1) since it was c-net's article, why not give them the credit, instead of linking through linux security, which just copied the article?
2) this backs the (inacurate) arguement that there is no such thing as a virus in linux, only shoddy permissions. The vulnerability in mozilla/firefox would be far more devistating to a windows user, especially one with admin rights (most any windows user). and far less could be accomplished by gaining regular-user access to a linux machine -- because nobody here runs as root regularly... --this, and the market share of windows means i expect more exploits to be written for a windows platform... giving me even less concern over this issue
in conclusion, go ahead and scream about it in a windows forum, but i don't think we need all the hype in here... maybe i'm a little too low-key, but i don't see this as a major threat. moreover, i get a kick out of how people have come running to me to tell me about security vulnerabilities they've heard exist in firefox (because i like to promote it to people, they like to share their experiences) --because somehow they never hear of problems with security with IE, or windows in general. i laugh at them, and try to polietly explain how vulnerabilities are a fact of life, and always will be.
You said it!!!! and I have also stated in past posts. Viruses can only attack files that are available to the virus. A user downloading a program that contains a virus would still have to be able to write to it, IE permission!!! that is the key to Linux and why Windows until recently suffers. A virus can attatch itself to any .exe, .dll or .sys file in windows with-out any permission or knowledge from the user. That is, why I think, windows has so many wholes. A virus can't infect a system that it cannot write too!!! Windows FINALLY got the massage when they added Admin and user accounts on 2k and XP. sheesh....
I just swithched over to linux becuase I loved the open source browser. I could not believe the way new ideas, implementations such as extensions! existed in open-source.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.