Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Thu 18 Dec 2014, 18:35
All times are UTC - 4
 Forum index » Advanced Topics » Additional Software (PETs, n' stuff) » Browsers and Internet
Browse as user "Spot"
Post new topic   Reply to topic View previous topic :: View next topic
Page 4 of 6 [80 Posts]   Goto page: Previous 1, 2, 3, 4, 5, 6 Next
Author Message
L18L

Joined: 19 Jun 2010
Posts: 2610
Location: www.eussenheim.de/

PostPosted: Sat 23 Apr 2011, 11:21    Post subject:  

nooby wrote:
...keep them also for root...

No, root may and can do everything inclusive viewing of pictures of all users
Back to top
View user's profile Send private message 
nooby

Joined: 29 Jun 2008
Posts: 10557
Location: SwedenEurope

PostPosted: Sat 23 Apr 2011, 11:23    Post subject:  

L18L refer to these exchanges
http://murga-linux.com/puppy/viewtopic.php?p=515665#515665

Sorry I am always confusing

_________________
I use Google Search on Puppy Forum
not an ideal solution though
Back to top
View user's profile Send private message 
nooby

Joined: 29 Jun 2008
Posts: 10557
Location: SwedenEurope

PostPosted: Sat 23 Apr 2011, 11:26    Post subject:  

But I did try to follow what rcrsn51 wrote but maybe something in my set up here made it to fail or some space in teh code whatever. the bsafe never got created.

I can start with spot again though.

okay about root I still ahve the problem that my body will not be able to refrain from starting browser as root. it don't ask my persmission it just go doing it and then later I realize that hours ahs gone by as root

_________________
I use Google Search on Puppy Forum
not an ideal solution though
Back to top
View user's profile Send private message 
rcrsn51


Joined: 05 Sep 2006
Posts: 9355
Location: Stratford, Ontario

PostPosted: Sat 23 Apr 2011, 11:32    Post subject:  

nooby wrote:
But if it is vulnerable to attack then what is the usage? I mean that was why we wanted to be spot in the first place :) To get away from such vulner things

Again, this is the crucial issue. There is nothing magic about the user spot. If you let a piece of malware into your system (like a script off a web page) that wants to delete or alter your files, it doesn't matter who you are logged in as. It can change any file that it has permission to do so. If it is running as spot (or any other unprivileged user) it can delete ANY file belonging to that user. But it cannot change your system files or start a malicious process like a bot. (This presumes that the malware didn't gain privilege elevation through some other method.)

But if you are running your browser as root, the malware can attack any file owned by root - which is all of them!

Consider what happens in Windows. If you are like many people and routinely login as the admin user, then a malicious script has full rights to your file system. That's how it inserts itself into the Windows registry and numerous other spots.

Personally, I have come to accept bugman's view of Internet security. The single most important thing you can do is control web page scripting.

What is a mystery to me is why Firefox's implementation of Javascript is still so vulnerable to exploits. Does anyone have a explanation for this?
Back to top
View user's profile Send private message 
nooby

Joined: 29 Jun 2008
Posts: 10557
Location: SwedenEurope

PostPosted: Sat 23 Apr 2011, 11:38    Post subject:  

I would love to migrate to using spot as often as possible but latest failure makes me have severe headache Smile Wow it was much more difficult than I thought.

What about the advice to just drag default browser icon to spot? and then it is owned by spot or something? maybe that is the easiest if I find the right icon that is. is it the one named Browse on the Desktop?

so I create a dir on mnt/home and go into permissions and tell it to be powned by spot? I change password for spot and for root too and then it should just work?

okay I need to move the .mozilla dir to spot too.

_________________
I use Google Search on Puppy Forum
not an ideal solution though
Back to top
View user's profile Send private message 
Luluc


Joined: 16 Mar 2011
Posts: 200

PostPosted: Sat 23 Apr 2011, 11:44    Post subject:  

nooby wrote:
I would love to migrate to using spot as often as possible but latest failure makes me have severe headache Smile Wow it was much more difficult than I thought.

What about the advice to just drag default browser icon to spot? and then it is owned by spot or something? maybe that is the easiest if I find the right icon that is. is it the one named Browse on the Desktop?

so I create a dir on mnt/home and go into permissions and tell it to be powned by spot? I change password for spot and for root too and then it should just work?

okay I need to move the .mozilla dir to spot too.


Hi, nooby. Open this file with any file editor:

/usr/local/bin/defaultbrowser

It should contain this:

Code:
exec firefox "$@"


Change it to this:

Code:
exec su spot -c firefox "$@"


All your problems are solved.
Back to top
View user's profile Send private message 
nooby

Joined: 29 Jun 2008
Posts: 10557
Location: SwedenEurope

PostPosted: Sat 23 Apr 2011, 11:53    Post subject:  

Luluc thanks for wanting to sort things out but ...

Yes but the code from rcrsn that I used in rxvt deleted user spot and created a new one and then I due to ADHD deleted that dir at mnt/home so I need to know how to recreate that again and move teh .mozilla dir to that one and it should be owned by spot and have the right permission and so on.

in what order should I do all of that then?

_________________
I use Google Search on Puppy Forum
not an ideal solution though
Back to top
View user's profile Send private message 
rcrsn51


Joined: 05 Sep 2006
Posts: 9355
Location: Stratford, Ontario

PostPosted: Sat 23 Apr 2011, 12:00    Post subject:  

@nooby: This is far too confusing. I would suggest that you leave this issue for now and come back tomorrow when clearer heads may prevail.

I would also suggest that you set up a test install with a fresh pupsave file.
Back to top
View user's profile Send private message 
nooby

Joined: 29 Jun 2008
Posts: 10557
Location: SwedenEurope

PostPosted: Sat 23 Apr 2011, 12:03    Post subject:  

For your sake I could but how can I get teh firefox preferences over to that one then?

no need to wait to tomorrow here there are 4 more hours to go to bed Smile

_________________
I use Google Search on Puppy Forum
not an ideal solution though
Back to top
View user's profile Send private message 
Luluc


Joined: 16 Mar 2011
Posts: 200

PostPosted: Sat 23 Apr 2011, 12:04    Post subject:  

nooby wrote:
Luluc thanks for wanting to sort things out but ...

Yes but the code from rcrsn that I used in rxvt deleted user spot and created a new one and then I due to ADHD deleted that dir at mnt/home so I need to know how to recreate that again and move teh .mozilla dir to that one and it should be owned by spot and have the right permission and so on.

in what order should I do all of that then?

You deleted /mnt/home/spot? After you had moved .mozilla from /root to /mnt/home/spot? So, do you still have .mozilla anywhere? I am afraid you may have deleted all copies of it.

rcrsn51 wrote:
@nooby: This is far too confusing. I would suggest that you leave this issue for now and come back tomorrow when clearer heads may prevail.

I would also suggest that you set up a test install with a fresh pupsave file.

I agree. But it doesn't have to be a completely new pupsave file. It can be any other recent one. I suspect that nooby is doing all this experimentation on expendable copies of her actual pupsave file.

BTW, I'm signing off for today. Can't help anymore.
Back to top
View user's profile Send private message 
nooby

Joined: 29 Jun 2008
Posts: 10557
Location: SwedenEurope

PostPosted: Sat 23 Apr 2011, 12:17    Post subject:  

Here is my solution, I did created a new lupu513 subdir based on Snowpu5 and named it snow5spot to know it is prepared to be a spot browser thing.

I used a copy of a backup pupsavefile so what should I do now?
this one have .mozilla on the root and not on mnt/home

_________________
I use Google Search on Puppy Forum
not an ideal solution though
Back to top
View user's profile Send private message 
jpeps

Joined: 31 May 2008
Posts: 3220

PostPosted: Sat 23 Apr 2011, 13:20    Post subject:  

I just noticed this thread, and just looked briefly at the first few posts. Since I use spot with sudo and a designated home directory, I'll briefly weigh in. Running a downloaded copy of Firefox from Spot from a terminal is no problem...it will install new config directories in home. If I run from root, it will use .mozilla in /root.

The underlying principle running with non-root user is that basically you start from scratch setting up apps, unless you want to go through the hassle of changing permissions, etc. It's often just easier to run the apps from root unless you have a specific reason not to. Puppy works great the way it is for most users.
Back to top
View user's profile Send private message 
Bernie_by_the_Sea


Joined: 09 Feb 2011
Posts: 329

PostPosted: Sat 23 Apr 2011, 13:23    Post subject:  

Quote:
Javascripts have a number of inherent limitations in them to prevent them from doing malicious things to a network, so at best it can snoop around, issue commands to anything that's not password protected and has a web interface (Assuming it can identify it), etc. Having a rogue Javascript operating in your browser environment is nothing to lose sleep over.

Quote:
Javascript has been around for over a decade now, and is almost universally enabled by web users. There's a reason why Javascript exploits are almost never attempted: they're not only screamingly obvious and leave a nasty paper trail, but their scope is extremely limited and their chances of finding a successful target quite low. There are any number of better, safer ways to attack a person with absolutely no security sense.

Quote:
Does only accessing the internet on a user account help protect against this?

Well it's a good idea for a lot of other reasons, but no. A Javascript has absolutely no direct access to the system it's running on, so it's no less secure if you're running as root.

Emphasis added. Above quotes from:
http://anti-state.com/forum/index.php?board=5;action=display;threadid=17522
Back to top
View user's profile Send private message 
rcrsn51


Joined: 05 Sep 2006
Posts: 9355
Location: Stratford, Ontario

PostPosted: Sat 23 Apr 2011, 13:36    Post subject:  

That page is dated 2006. A lot of things have changed since then. So if Javascript isn't the culprit, then what content on a web page is capable of changing the Windows registry?
Back to top
View user's profile Send private message 
rcrsn51


Joined: 05 Sep 2006
Posts: 9355
Location: Stratford, Ontario

PostPosted: Sat 23 Apr 2011, 14:32    Post subject:  

@nooby: The technique of creating a new unprivileged user whose home directory is in /mnt/home won't work for you. It requires that /mnt/home be formatted with a Linux filesystem like ext. You don't have this.

Also, trying to symlink spot's .mozilla profile into /mnt/home won't work either. Spot doesn't have write permission there.
Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 4 of 6 [80 Posts]   Goto page: Previous 1, 2, 3, 4, 5, 6 Next
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Advanced Topics » Additional Software (PETs, n' stuff) » Browsers and Internet
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0932s ][ Queries: 13 (0.0092s) ][ GZIP on ]