Is it time to allow Chromium in Fedora?
Reindl Harald
h.reindl at thelounge.net
Tue Aug 11 20:29:32 UTC 2015
Am 11.08.2015 um 22:18 schrieb Mustafa Muhammad:
> > If I knew Mozilla's Linux binaries provided its own update mechanism
> > and notification, yes I would do exactly that.
>
> I am pretty sure they get updated just like Windows and OS X binaries,
> but the tar ball should be extracted in a user writable location
nonsense
*if* you use binary tarballs they *should not* be extracted in a user
writeable location as *no binary* whenever possible should have
permissions allowing a ordinary user to change them
they should be extracted to /usr/local/ with root-only write-permissions
and you have to just start the application as root for updates - not
only on Linux, on *any* operating system
and since most users are not able to cope with this security principals
package managers exists
_________________________________________
http://www.tldp.org/HOWTO/Security-HOWTO/file-security.html
World-writable files, particularly system files, can be a security hole
if a cracker gains access to your system and modifies them.
Additionally, world-writable directories are dangerous, since they allow
a cracker to add or delete files as he wishes
_________________________________________
as long as you did not inherit that principles you have no clue about
security and will be the first victim of exploits on non-windows systems
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: OpenPGP digital signature
URL: <http://lists.fedoraproject.org/pipermail/devel/attachments/20150811/08396b28/attachment-0001.sig>
More information about the devel
mailing list