On Aug 11, 2015 11:29 PM, "Reindl Harald" <h.rei...@thelounge.net> wrote: > > > > Am 11.08.2015 um 22:18 schrieb Mustafa Muhammad: >> >> > If I knew Mozilla's Linux binaries provided its own update mechanism >> > and notification, yes I would do exactly that. >> >> I am pretty sure they get updated just like Windows and OS X binaries, >> but the tar ball should be extracted in a user writable location > > > nonsense > > *if* you use binary tarballs they *should not* be extracted in a user writeable location as *no binary* whenever possible should have permissions allowing a ordinary user to change them > > they should be extracted to /usr/local/ with root-only write-permissions and you have to just start the application as root for updates - not only on Linux, on *any* operating system > > and since most users are not able to cope with this security principals package managers exists > _________________________________________ > > http://www.tldp.org/HOWTO/Security-HOWTO/file-security.html > > World-writable files, particularly system files, can be a security hole if a cracker gains access to your system and modifies them. Additionally, world-writable directories are dangerous, since they allow a cracker to add or delete files as he wishes
My home is not world writable. The way you pointed is the better way, of course, but I think even my simple way is better than waiting for package updates from the repos when an exploit is in the wild. > _________________________________________ > > as long as you did not inherit that principles you have no clue about security and will be the first victim of exploits on non-windows systems > > > -- > devel mailing list > devel@lists.fedoraproject.org > https://admin.fedoraproject.org/mailman/listinfo/devel > Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
-- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
