icedtea-web installed and enabled by default in Fedora 19
Pete Travis
lists at petetravis.com
Tue Jun 18 17:49:03 UTC 2013
On Jun 17, 2013 9:03 AM, "Bill Nottingham" <notting at redhat.com> wrote:
...
> > >
> >
> > I think given all the trouble this plugin has caused recently, it
wouldn't
> > be wise to install it for everyone. If you need it, great, install it,
but
> > if a users doesn't need it, it's really just creating a level of risk we
> > probably don't want.
> >
> > Fedora currently has a reputation for being pretty secure, I think this
> > could damage that reputation.
>
> The one issue I can see with removing it is that the plugin finder you
> then get in Firefox if you hit a Java site doesn't work to actually get
you
> the Fedora version.
>
> Bill
> --
+1
This is a strong argument for installing it by default. What would be more
secure - the distro maintained package or the user maintained tarball or
rpm without repo? The users that need help with security the most are the
users that will follow the inline instructions by rote, without searching
the repositories.
--Pete
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/devel/attachments/20130618/71159294/attachment.html>
More information about the devel
mailing list