On 12/12/2012 23:26, Michael Gilbert wrote:
Ultimately, for anyone even modestly
security-conscious adobe flash should really be avoided at all costs.
+1
I'm not an expert, but I think that packages like this must first ask
the users list on which you want this plugin installed and than execute
scripts only for those users as user not root with, for example, su -c
USER1 "script.sh" ... (downloading the file [with ugo+r] in
/tmp/RANDOMDIR [with ugo+x] only once).
Also I think that these packages must alert the user that they will
download somethings from a website and ask for a confirmation to
continue (I don't know if it is already implemented).
Ciao
Davide
--
Dizionari: http://linguistico.sourceforge.net/wiki
Fate una prova di guida ... e tenetevi la macchina!:
http://linguistico.sf.net/wiki/doku.php?id=usaooo2
Non autorizzo la memorizzazione del mio indirizzo su outlook
--
To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/50ca30db.6090...@gmail.com
