Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Fri 22 Aug 2014, 19:44
All times are UTC - 4
 Forum index » Advanced Topics » Additional Software (PETs, n' stuff) » Browsers and Internet
Browse as user "Spot"
Post new topic   Reply to topic View previous topic :: View next topic
Page 5 of 6 [80 Posts]   Goto page: Previous 1, 2, 3, 4, 5, 6 Next
Author Message
nooby

Joined: 29 Jun 2008
Posts: 10557
Location: SwedenEurope

PostPosted: Sat 23 Apr 2011, 15:32    Post subject:  

Thanks that explains it then.

I could still run FF as spot though but Spot will be a sub to root? an anything saved that I want to be outside of mnt/home I have to go there as root and move out of spot?

It would still add to security from injection code?

_________________
I use Google Search on Puppy Forum
not an ideal solution though
Back to top
View user's profile Send private message 
rcrsn51


Joined: 05 Sep 2006
Posts: 9040
Location: Stratford, Ontario

PostPosted: Sat 23 Apr 2011, 15:50    Post subject:  

nooby wrote:
I could still run FF as spot though but Spot will be a sub to root?

Correct. If you check the properties of the folder /root/spot, you will see that it is owned by spot. That's the only place that spot has permission to save files, other than special locations like /tmp.
Quote:
and anything saved that I want to be outside of mnt/home I have to go there as root and move out of spot?

Correct. If you are running your browser as spot, you cannot automatically download a file to /mnt/home. Spot does not have write permission on that folder.
Quote:
It would still add to security from injection code?

I'm still not clear on that issue. Firefox is constantly releasing updates to fix various security issues. Since most Linux users are unprivileged, one could conclude that even though you are running the browser unprivileged, you are still vulnerable. Or maybe those updates really only apply to Windows users.
Back to top
View user's profile Send private message 
nooby

Joined: 29 Jun 2008
Posts: 10557
Location: SwedenEurope

PostPosted: Sat 23 Apr 2011, 16:44    Post subject:  

Thanks, what about the Chromium and SRWare Iron then those being clones them using sandbox tech would that add security
_________________
I use Google Search on Puppy Forum
not an ideal solution though
Back to top
View user's profile Send private message 
Bernie_by_the_Sea


Joined: 09 Feb 2011
Posts: 329

PostPosted: Sat 23 Apr 2011, 16:53    Post subject:  

rcrsn51 wrote:
So if Javascript isn't the culprit, then what content on a web page is capable of changing the Windows registry?

Just about any and all content on a web page is potentially capable of changing the Windows registry. Hint: ANY Mozilla, Firefox, Safari, or Opera plugin (that uses NPAPI which means almost all) is a doorway to access the registry.

Keep in mind that to change the Windows registry you must first have a Windows registry to change. Even with Wine, the Windows registry that Wine accesses is not the real registry but rather the one stored in Wine itself. Changes to the registry there affect only apps running in Wine. Have many running Linux in general and Puppy in particular have a Windows registry on their computer? Hint: a drive must be mounted to write to it.

Keep in mind that javascript cannot exceed the browser’s level of security (and this has nothing to do with running as root). The only thing a browser can write to is a cookie. The only thing a browser can communicate with is the server. The only data manipulation a browser can do is to the object model of the web page (used with forms and the like).

Note: To avoid teaching hacker/crackers I give only hints that might be used by defenders against hacker/crackers. Discussing things like web pages modifying the registry is dangerous in itself.

Another hint: Here's a handy plugin that can reach the registry on a computer where there are zero root/administrative rights. https://addons.mozilla.org/en-US/firefox/addon/open-in-regedit/
Back to top
View user's profile Send private message 
01micko


Joined: 11 Oct 2008
Posts: 7794
Location: qld

PostPosted: Sun 24 Apr 2011, 08:23    Post subject:  

OK, here's an experimental version of Browsesafe

It attempts to address some of the things being discussed here, such as other users than spot (an option) and installing config folder outside the savefile (another option). It all takes place at install time with a comprehensive GUI. It takes into account what type of install you have.

Be warned that for success you will probably have to delete any .mozilla files in /root/spot. Also it is experimental. Lots of stuff is going on behind the scenes in that install script so I have tried to be efficient.

Have fun

newer version, fixed bernie's bug and minor ntfs bug, added puninstall script to advise on some manual cleanup

_________________
Woof Mailing List | keep the faith Cool |

Last edited by 01micko on Sun 24 Apr 2011, 20:54; edited 2 times in total
Back to top
View user's profile Send private message Visit poster's website 
Bernie_by_the_Sea


Joined: 09 Feb 2011
Posts: 329

PostPosted: Sun 24 Apr 2011, 11:58    Post subject:  

01micko wrote:
OK, here's an experimental version of Browsesafe

With the default installation it doesn't work in Wary 500.

Code:
# browsesafe
/usr/sbin/browsesafe: line 2: /root/.browsesaferc: No such file or directory

Also I don't have a chat icon so the browsesafe icon went on top of my Opera icon.

I uninstalled it and reinstalled it not using the default. I didn't choose anything but the second time it worked.

It seems to have uninstalled cleanly but it took a 6MB chunk out of pupsave that I haven't found yet. EDIT: OK, I found it right where it was supposed to be at /root/spot/.mozilla and I got my chunk back.
Back to top
View user's profile Send private message 
nooby

Joined: 29 Jun 2008
Posts: 10557
Location: SwedenEurope

PostPosted: Sun 24 Apr 2011, 13:15    Post subject:  

So browse safe works best with a fresh install? Does it work on frugal on NTFS too?

Big problem Smile No sound in Spot. Does one have to open alsa in spot if one are allowed to even?

I use a pupsave file. Was that a no no? I did the pet but ti failed.

Instead I tested to go to terminal and doing

# su spot
# firefox

which start up firefox in spot and I have no access to mnt/home from within firefox and I can not update firefox or install addons to it?

ooops I will save something to see if that works
yes restricted to spot but Rox is root so I can move things from spot to mnt/home.

But I failed to get old .mozilla to work in Spot it insisted to create a new one.

_________________
I use Google Search on Puppy Forum
not an ideal solution though
Back to top
View user's profile Send private message 
Jasper


Joined: 25 Apr 2010
Posts: 1111
Location: England

PostPosted: Sun 24 Apr 2011, 14:50    Post subject:  

Hi 01micko,

Thank you for your excellent and flexible browsesafe-0.7.pet.

I have not yet been required to enter the password I set up. So I would like to ask when is that password needed?

I apologise to you and to rcrsn51 and to any reader who was offended by my original query which had two words in large text. I will not do that again.

My regards
Back to top
View user's profile Send private message 
rcrsn51


Joined: 05 Sep 2006
Posts: 9040
Location: Stratford, Ontario

PostPosted: Sun 24 Apr 2011, 16:09    Post subject:  

nooby wrote:
Big problem :) No sound in Spot. Does one have to open alsa in spot if one are allowed to even?

I don't see this problem. Maybe it's specific to your sound card?
Quote:
But I failed to get old .mozilla to work in Spot it insisted to create a new one.

If you manually copy your .mozilla folder from /root to /root/spot, you must also transfer ownership to spot.
Code:
chown -R spot:spot /root/spot/.mozilla

I did a quick test with Firefox and it worked for me.
Back to top
View user's profile Send private message 
nooby

Joined: 29 Jun 2008
Posts: 10557
Location: SwedenEurope

PostPosted: Sun 24 Apr 2011, 21:10    Post subject:  

rcrsn51 wrote:
If you manually copy your .mozilla folder from /root to /root/spot, you must also transfer ownership to spot.
Code:
chown -R spot:spot /root/spot/.mozilla

I did a quick test with Firefox and it worked for me.


Ooops so typical of me to not think about such things.

What does that mean then? Can I have one .mozilla in root that is owned by root and one on Spot that is owned by spot?

I mean if I make a copy of the one in Root so it also exists in Spot
and does that need another code to not lock the one in root to Spot? or globally something [/code][/quote]

_________________
I use Google Search on Puppy Forum
not an ideal solution though
Back to top
View user's profile Send private message 
01micko


Joined: 11 Oct 2008
Posts: 7794
Location: qld

PostPosted: Sun 24 Apr 2011, 21:21    Post subject:  

Hi guys

Bernie_by_the_Sea, thanks for bug report on the vanilla install, fixed

jpeps, these newer experimental versions have lots of options, explained below.

nooby, since this is testing there is some manual work to do to get this pet working if you have installed it before. I can't do it automatically because I have no way of knowing who you created as the user, if at all, so bearing this in mind, I dare not touch your spot either Smile . Read carefully below.

Jasper, the password is not needed. I just couldn't figure out how to create the user without a password from a script. The password may be needed for other apps you decide to run as your newly created user.

rcrsn51, working ok for you? Any suggestions for improvement?

~~~~~~~~~~~~~

I should have explained when I posted ver 0.7 in more detail what the new setup screen can do.

-first of all, you don't even need to go to it (now, before there was a bug). Just click yes or no and you can browse as spot from the menu or icon with no current settings touched.

-if you choose the setup screen you will be confronted with a few options depending on your type of install

-if you have a full install, a frugal that saves to the entire partition or a save back to CD/DVD install then you are not given the option to save spots or your created user's browser settings outside of the savefile. This is because you would need to mount another partition to save the settings. A bit complicated and probably beyond the scope of this project. You still have the option to create a user, but it will be inside your filesystem.

-if you have a normal frugal then you are given the option to save settings outside your savefile.
*If you leave the default 'spot'. then a folder called 'spot-download' is created in /mount/home owned by spot. If you choose to import settings then you /root/.mozilla folder is copied to /mount/home/spot-download, ownership changed to spot, then that is symlinked back to /root/spot/.mozilla. If your /root/.mozilla is a symlink to some existing .mozilla outside the savefile, this is detected and a splash warns that that process can not happen. The ownership of symlinks depends on the target. Cache is cleared.
*if you create a user in a normal frugal then that user's home directory is created outside the savefile if you choose that option. /root/.mozilla is copied there and ownership changed accordingly. Cache is cleared.
*** Both these cases require that your save file is on a Linux filesystem. If not then I haven't figured out how to change ownership of directories on non-linux filesystems so the program refuses to do that and you are stuck with spot's or your user's browser settings inside your savefile.

HTH
screen1.png
 Description   first screen you see
 Filesize   24.72 KB
 Viewed   1228 Time(s)

screen1.png

screen2-linux-filesys.png
 Description   ext4 detected
 Filesize   35.55 KB
 Viewed   1240 Time(s)

screen2-linux-filesys.png

screen2.png
 Description   NTFS detected
 Filesize   35.1 KB
 Viewed   1235 Time(s)

screen2.png

browsesafe-0.8.pet
Description 
pet

 Download 
Filename  browsesafe-0.8.pet 
Filesize  10.09 KB 
Downloaded  339 Time(s) 

_________________
Woof Mailing List | keep the faith Cool |
Back to top
View user's profile Send private message Visit poster's website 
nooby

Joined: 29 Jun 2008
Posts: 10557
Location: SwedenEurope

PostPosted: Sun 24 Apr 2011, 21:35    Post subject:  

Micko thanks for the 0.8 pet
I started all over with a new snow5 named it snow5safe and used your 0.8 pet and that worked in that I had to start all over with passwords and bookmarks and so on but it does start from spot.
and save to spot but what about the bookmark.html file that still is owned by root. Can the criminals use such to get acess to the hdd?

Do I have to make them owned only by spot?

my older text now back to bed again if I can sleep this time. Hm
---
Hope I don't derail too much.

I did an experiment but not knowing enough about permissions run into trouble
urxvt in snow5 that is Lupu513 with Pemasu built in features from Jemimah and many others. I did this in Terminal

# cd ..
# ls
archive dev home lib mnt proc sbin sys usr
bin etc initrd lost+found opt root selinux tmp var
# cd root/spot
# ls
bkmrk.html bookmarks2009.html README.txt
# firefox

(firefox-bin:7643): libgnomevfs-WARNING **: Unable to create ~/.gnome2 directory: Permission denied
Could not create per-user gnome configuration directory `/mnt/home/spot/.gnome2/': Permission denied
#

As it shows I have added two bookmark html files there and made the ownership to spot. But spot don't have to permission to make the firefox preference file most likely. if I let it makes its own mozilla then it don't have my prefs in it. okay I try again to see if it is at least working with their prefs. But then I am not allowed to install noscript addon. and not do an update either of firefox which I should do now it is 3.6.13 and should be 16 instead.

There is so much still to learn for me. I did this and that fails too

# cd spot
# firefox

(firefox-bin:19933): libgnomevfs-WARNING **: Unable to create ~/.gnome2 directory: Permission denied
Could not create per-user gnome configuration directory `/mnt/home/spot/.gnome2/': Permission denied
# su -c firefox spot
su: must be suid to work properly
#

could it be that it still remember this thing from RCRSN51?
Quote:
rcrsn51 wrote

As a test, I deleted the current spot user and created a new one whose home directory is a subfolder of /mnt/home.
Code:
deluser spot
adduser -h /mnt/home/spot spot

I then ran Seamonkey as spot
Code:
su -c defaultbrowser spot

My .mozilla profile was created in my new home directory and my downloaded files went there by default. So nothing was being stored in my savefile.


But I don't have any spot there in mnt/home only in root/spot

have to go to bed again

_________________
I use Google Search on Puppy Forum
not an ideal solution though
Back to top
View user's profile Send private message 
Bruce B


Joined: 18 May 2005
Posts: 11084
Location: The Peoples Republic of California

PostPosted: Wed 27 Apr 2011, 22:56    Post subject:  

Quote:
Would someone please be so kind as to advise how I can load the add-ons and bookmarks using browsesafe?


I didn't use browsesafe or even know it existed until recently.

For me, it was primarily a decision to run Firefox as spot and no longer as
root.

I had some problems with the addons not working after copying /root/.mozilla
to /root/spot/.mozilla. I reinstalled the ones that didn't take and that pretty
well took care of things.

Of course I changed ownership of the files to spot.

Now there is no root .mozilla. I changed things so if I accidentally try and
start Firefox as root, it won't run. Basically, modifying start scripts to verify
the user is spot.

~

_________________
New! Puppy Linux Links Page
Back to top
View user's profile Send private message 
nooby

Joined: 29 Jun 2008
Posts: 10557
Location: SwedenEurope

PostPosted: Thu 28 Apr 2011, 04:24    Post subject:  

Thanks Bruce, can your help me get this?

Can I have one .mozilla in root that is owned by root and also that one copied over to Spot that is owned by spot? That would allow me to browse Puppy Linux Forum being root for to dowloading isos and pets and such and then when one browse sites one feel unsure then one start up the spot browser?

I mean if I make a copy of the one in Root so it also exists in Spot ?
And do as Rcrsn51 told me to make Spot own that .mozilla there.

_________________
I use Google Search on Puppy Forum
not an ideal solution though
Back to top
View user's profile Send private message 
amigo

Joined: 02 Apr 2007
Posts: 2233

PostPosted: Thu 28 Apr 2011, 04:34    Post subject:  

Sure, just copy /root/.mozilla to /home/spot/.mozilla.
cp -a /root/.mozilla /home/spot/.mozilla

Do it as root, of course, and then change the ownership of spot's files like this(also as root):
chown -R spot:users /home/spot/.mozilla

That gives you an exact copy, but all the files belong to spot instead of root.
Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 5 of 6 [80 Posts]   Goto page: Previous 1, 2, 3, 4, 5, 6 Next
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Advanced Topics » Additional Software (PETs, n' stuff) » Browsers and Internet
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.1151s ][ Queries: 12 (0.0057s) ][ GZIP on ]