[linux-elitists] Browser plugins and write permissions
Sat Nov 20 05:44:07 PST 2004
On Fri, Nov 19, 2004 at 07:21:59PM -0800, Rick Moen wrote:
>I'm wondering if anyone has a better solution to this problem, and am
>betting someone already does:
>You find yourself wanting to install some plug-in for your Web browser.
>In olden days, it would be a tarball that you'd extract, give the hairy
>eyeball for a while, then chown some appropriate directory long enough
>to give your regular login the right to install the necessary pieces,
>then put them in place using your regular user privilege, then chown the
>Some variant on this regimen generally worked on even rather twisted
>installers -- but now we have things like XUL .xpi files, which might be
>installable outside the browser, but I'm not immediately sure how.
>Everyone seems to expect that you'll just start up the browser with root
>authority and clickity-click the thing in.
Pardon? What an appalling notion.
I've not got a hojillion plugins installed by any means, but the few
essential FireFox ones I do have (AdBlock, Web Developer, Sage,
SwitchProxy) are all in .whateveritis, as is Java (though the latter
requires "java" be in the path, as well as the .so be in the plugins dir
...in fact, I've just looked and the whole of Firefox is in my homedir
as a result of laziness post-download.
Not exactly a scalable package-managed system, but it's my desktop and
not shared, and no-one runs browsers on non-desktop systems... right?
>Me, I'd walk a long ways around before running a Web browser, especially
>something the size and complexity of Mozilla code, under UID zero. So,
I would rather stab myself in the eyeball than run a browser as root.
Explaining this to my boss as one of the many reasons for Linux on my
desktop took a long time, until he got done over by IE-launched spyware
and had his PC threatened with forcible removal from the netops
subnet... He runs firefox on win32 now.
 Hojillion - unit of measure of something very, very valueless; see
>my half-assed spur-of-the-moment solution was to recursively chown both
>/var/lib/mozilla-firefox and /usr/lib/mozilla-firefox to rick:rick, do
>the clickity-click thing as user rick, and then chown the directories
>Is there a better way, (moreover) one more clueful about this being a
>multi-user environment? Would it make sense to have a firefox-plugins
Ah, now there you're asking. I believe that Debian has such plugins as
Although personally I'm not entirely sure I trust anyone to be putting a
plugin into a directory where my browser will load it, even if they are
in a Unix group. I'm certainly not ready to rule out the possibility of
an exploitable bug in the notional install mechanism.
>group, to which users trusted with that some bundle of write privileges
>could belong? Or some better solution that just isn't occuring to me?
>And why do (to my knowledge) no Linux distributions have any mechanism
>to deal with this problem, short of expecting people to run large Web
>browsers with root authority?
I'm guessing most people run browsers on Linux systems where only one
user has the desktop, so lots of people needing the same plugin is rare.
And honestly, with Mozillas from this millennium, I've never needed to be
root (for any plugin I'd actually *trust* anyway).
It occurs to me that this was the kind of thing NFS mounting /usr was
designed to handle if you have a multi-machine installation; you could
have a central /usr/lib/mozilla directory.
More information about the linux-elitists