[linux-elitists] Browser plugins and write permissions

Rick Moen rick@linuxmafia.com
Fri Nov 19 19:21:59 PST 2004


I'm wondering if anyone has a better solution to this problem, and am
betting someone already does:

You find yourself wanting to install some plug-in for your Web browser.
In olden days, it would be a tarball that you'd extract, give the hairy
eyeball for a while, then chown some appropriate directory long enough
to give your regular login the right to install the necessary pieces,
then put them in place using your regular user privilege, then chown the
directory back.  

Some variant on this regimen generally worked on even rather twisted
installers -- but now we have things like XUL .xpi files, which might be
installable outside the browser, but I'm not immediately sure how.
Everyone seems to expect that you'll just start up the browser with root
authority and clickity-click the thing in.

Me, I'd walk a long ways around before running a Web browser, especially
something the size and complexity of Mozilla code, under UID zero.  So,
my half-assed spur-of-the-moment solution was to recursively chown both
/var/lib/mozilla-firefox and /usr/lib/mozilla-firefox to rick:rick, do
the clickity-click thing as user rick, and then chown the directories
back.

Is there a better way, (moreover) one more clueful about this being a
multi-user environment?   Would it make sense to have a firefox-plugins
group, to which users trusted with that some bundle of write privileges
could belong?  Or some better solution that just isn't occuring to me?

And why do (to my knowledge) no Linux distributions have any mechanism
to deal with this problem, short of expecting people to run large Web
browsers with root authority?




More information about the linux-elitists mailing list