On Sat, 17 Nov 2012, Gary Driggs wrote:
I see this question asked regularly... Generally speaking, the vast majority of browser exploits in the wild target windows browsers or their plugins like Java, Adobe Reader & Flash, or ActiveX. So even if you're using one of those plugins with a Unix browser (of those available), you're already protected since the exploits won't run on your OS if they're even triggered in the first place. In my
This might be true for x86 binary code but does not seem to apply to JavaScript or any other intepreter/VM embedded in the browser. Even with x86 binary code, it is possible that the code may be able to resolve and invoke a standard C library call (e.g. system()) in a way which works on both Solaris and Linux.
The Flash plugin is not maintained for Solaris or Linux any more so security exploits will continue to build up.
There is little doubt that the chance of being exploited is much less with Solaris since the desktop user base is so small, it is not cost effective to target it.
Bob -- Bob Friesenhahn bfrie...@simple.dallas.tx.us, http://www.simplesystems.org/users/bfriesen/ GraphicsMagick Maintainer, http://www.GraphicsMagick.org/ _______________________________________________ OpenIndiana-discuss mailing list OpenIndiana-discuss@openindiana.org http://openindiana.org/mailman/listinfo/openindiana-discuss
