Latest LQ Deal: Linux Power User Bundle
Go Back > Forums > Linux Forums > Linux - Software
User Name
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.


  Search this Thread
Old 07-07-2008, 09:57 AM   #1
LQ Newbie
Registered: Jul 2007
Posts: 10

Rep: Reputation: 1
Cool Adobe FlashPlayer Security Query

Does anyone know if Flash Player for Linux is neutralized of the Adobe built-in privacy invasion aspect? I asked this in other Linux forums and no one seemed aware that Flash Player has built-in privacy invasion software so businesses that post Flash Player games and clips can spy on users.

I refer to the PIE files (.sol) or more commonly known as LSO (Local Shared Object) files which can send private data back to a paying user's designated online site. For instance, Flash Player can be set (and commonly is) to gather and send audio and video data from any Mic and/or webcam(s).

Supposedly, FP places the SOL files containing hidden LSO in Linux hard drive directory ~macromedia...

If this is so, that means Linux contains a wide open security hole that is not just theoretical but actively exploited. I am amazed that this is not a hot topic at Linux forums!

Anyone know if this Windows & Mac exploit is also a Linux exploit?

Old 07-07-2008, 02:14 PM   #2
Senior Member
Registered: Dec 2007
Location: Croatia
Distribution: Debian GNU/Linux
Posts: 1,733
Blog Entries: 5

Rep: Reputation: 127Reputation: 127
I've just started to investigate this,and I see strange things start to happen when I'm in .macromedia directory and playing with some commands.Can you belive,I was asked to enter my root password by that .sol file.This is going to be interesting.I knew that flashplayer has been exploited many times,but this,what I see now,looks so mean to me.
Good info Bruised.Even if I have made some steps to disable anything that I don't want to happen on my system and it works,this will maybe end up in finding out what mean things folks in Adobe have tried to do and what they are doing.
If you think about it;flashplayer is security hole,fp has been exploited and lots of other similar info on the web suggests;that should've been fixed by now,but somehow it isn't,I wonder why?
Old 07-07-2008, 05:58 PM   #3
Registered: Jul 2008
Posts: 40

Rep: Reputation: 15
Flash player definitely is a security hole. Any binary program that has such as auto updates could allow an attacker to in theory tunnel into your network through the third party update provider. This doesnt seem too implausible and of course do you really trust Adobe?!


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
2008 One Adobe Flashplayer no audio axistomp Mandriva 5 12-14-2007 08:05 PM
PHP file access: concurrency and security query Robhogg Programming 7 08-12-2007 12:39 PM
apt query concerning unstable entry f0rmula Linux - Software 2 12-03-2004 02:01 PM
Security Query Obie Linux - Security 3 05-09-2004 12:17 PM > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 03:01 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration