Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Wed 01 Oct 2014, 13:06
All times are UTC - 4
 Forum index » Advanced Topics » Additional Software (PETs, n' stuff) » Browsers and Internet
Browse as user "Spot"
Post_new_topic   Reply_to_topic View_previous_topic :: View_next_topic
Page 5 of 6 Posts_count   Goto page: Previous 1, 2, 3, 4, 5, 6 Next
Author Message
Bruce B


Joined: 18 May 2005
Posts: 11109
Location: The Peoples Republic of California

PostPosted: Wed 27 Apr 2011, 22:56    Post_subject:  

Quote:
Would someone please be so kind as to advise how I can load the add-ons and bookmarks using browsesafe?


I didn't use browsesafe or even know it existed until recently.

For me, it was primarily a decision to run Firefox as spot and no longer as
root.

I had some problems with the addons not working after copying /root/.mozilla
to /root/spot/.mozilla. I reinstalled the ones that didn't take and that pretty
well took care of things.

Of course I changed ownership of the files to spot.

Now there is no root .mozilla. I changed things so if I accidentally try and
start Firefox as root, it won't run. Basically, modifying start scripts to verify
the user is spot.

~

_________________
New! Puppy Linux Links Page
Back to top
View user's profile Send_private_message 
nooby

Joined: 29 Jun 2008
Posts: 10557
Location: SwedenEurope

PostPosted: Thu 28 Apr 2011, 04:24    Post_subject:  

Thanks Bruce, can your help me get this?

Can I have one .mozilla in root that is owned by root and also that one copied over to Spot that is owned by spot? That would allow me to browse Puppy Linux Forum being root for to dowloading isos and pets and such and then when one browse sites one feel unsure then one start up the spot browser?

I mean if I make a copy of the one in Root so it also exists in Spot ?
And do as Rcrsn51 told me to make Spot own that .mozilla there.

_________________
I use Google Search on Puppy Forum
not an ideal solution though
Back to top
View user's profile Send_private_message 
amigo

Joined: 02 Apr 2007
Posts: 2252

PostPosted: Thu 28 Apr 2011, 04:34    Post_subject:  

Sure, just copy /root/.mozilla to /home/spot/.mozilla.
cp -a /root/.mozilla /home/spot/.mozilla

Do it as root, of course, and then change the ownership of spot's files like this(also as root):
chown -R spot:users /home/spot/.mozilla

That gives you an exact copy, but all the files belong to spot instead of root.
Back to top
View user's profile Send_private_message 
ggg

Joined: 26 Apr 2011
Posts: 65

PostPosted: Thu 28 Apr 2011, 07:49    Post_subject:  

Hello,

If Firefox [root or spot] is configured to request the download location, can anything be downloaded [malicious or clean - possibly except cookies] secretly [i.e without user knowledge] whether running as root or running as spot?

If a download [perhaps an iso, an sfs, a pet, etc,] is executed from within spot, how does that provide more security than if spot had not been used?

Tor does not appear to be included in the mozilla definition for use with spot?

Cheers
Back to top
View user's profile Send_private_message 
rcrsn51


Joined: 05 Sep 2006
Posts: 9156
Location: Stratford, Ontario

PostPosted: Thu 28 Apr 2011, 09:14    Post_subject:  

ggg wrote:
If a download [perhaps an iso, an sfs, a pet, etc,] is executed from within spot, how does that provide more security than if spot had not been used?

You couldn't install a PET while you are running your browser as spot. Spot does not have permission to write files to folders like /usr/bin. To install the PET, you would terminate the browser session and go back to being root.

Spot couldn't mount an ISO or SFS because it doesn't have rights to /mnt. And you wouldn't be doing that from within a browser session anyway.

So from a security standpoint, you gain nothing by downloading these files as spot.

The real problem with downloading these large files is finding a place to save them. You need a folder with enough free space where spot has write permission.

Quote:
If Firefox [root or spot] is configured to request the download location, can anything be downloaded [malicious or clean - possibly except cookies] secretly [i.e without user knowledge] whether running as root or running as spot?

That's why you have to keep your version of Firefox updated.

The theoretical danger from running your browser as root comes from malicious scripts buried on a web page. If one of these attempted to modify your system, the damage would be limited to the files inside /root/spot. (Unless the script was able to elevate its privilege.)
Back to top
View user's profile Send_private_message 
ggg

Joined: 26 Apr 2011
Posts: 65

PostPosted: Thu 28 Apr 2011, 10:21    Post_subject:  

Hello rcrsn51,

Thank you for your explanations, though with my second question about executing from within spot we may be at cross purposes [because I did not stress that Firefox had been closed before execution]. Then as I can, as root, install/execute a pet [or whatever] that is located within my spot folder; am I right to think that executing from inside spot provides no extra security?

However, it does seem to be safer to use browser spot mode so that secret and malicious downloads, if any, could only be to the spot folder and, I assume, would remain safe there, in a "vault", even after the browser closed so long as there was no deliberate execution.

If you have the time, would you please expound a little further if my interpretation of your explanation is imperfect.

Thank you
Back to top
View user's profile Send_private_message 
rcrsn51


Joined: 05 Sep 2006
Posts: 9156
Location: Stratford, Ontario

PostPosted: Thu 28 Apr 2011, 10:32    Post_subject:  

ggg wrote:
Then as I can, as root, install/execute a pet [or whatever] that is located within my spot folder; am I right to think that executing from inside spot provides no extra security?

Correct.

Quote:
However, it does seem to be safer to use browser spot mode so that secret and malicious downloads, if any, could only be to the spot folder and, I assume, would remain safe there, in a "vault", even after the browser closed so long as there was no deliberate execution.

Correct. But consider this. The vast majority of Linux users run non-privileged. Yet Firefox is constantly releasing security patches to protect people from the latest exploit. Does that mean that running as non-root does not really offer protection? What do these upgrades protect you from?
Back to top
View user's profile Send_private_message 
ggg

Joined: 26 Apr 2011
Posts: 65

PostPosted: Thu 28 Apr 2011, 17:32    Post_subject:  

Hello rcrsn51,

Thank you very much for your clarification. Having thought hard about your two questions in your final paragraph, I can only suggest that apart from any speed or non-security improvement(s) then possibly Firefox upgrades may sometimes stop some exploitation instead of users having to rely upon "spot-type" isolation? Also, Firefox upgrades for Linux and Windows seem to happen almost concurrently [with seemingly identical version numbering] so on some occasions might the upgrades be aimed at the protection of Windows users rather than Linux users?

Cheers
Back to top
View user's profile Send_private_message 
Display_posts:   Sort by:   
Page 5 of 6 Posts_count   Goto page: Previous 1, 2, 3, 4, 5, 6 Next
Post_new_topic   Reply_to_topic View_previous_topic :: View_next_topic
 Forum index » Advanced Topics » Additional Software (PETs, n' stuff) » Browsers and Internet
Jump to:  

Rules_post_cannot
Rules_reply_cannot
Rules_edit_cannot
Rules_delete_cannot
Rules_vote_cannot
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0692s ][ Queries: 12 (0.0055s) ][ GZIP on ]