[Slackbuilds-users] how do I enable the java plugin?
Rick McCombs AD5DU
rick.mccombs at gmail.com
Thu Apr 18 06:51:36 UTC 2013
I saw EXPOILT_ME but I wasn't sure if I was reading it correctly. It almost
sounds like a joke. I remember the java exploit found a few months ago
but I thought that was fixed. Is it really much of a risk on linux? What
ever happened to java running in a sandbox?
Thanks.
On Wed, Apr 17, 2013 at 11:59 PM, Matteo Bernardini <
matteo.bernardini at gmail.com> wrote:
> as the plugin is a serious threat for anybody using it, there's this block
> inside the slackbuild
>
> if [ ${EXPLOIT_ME:-"no"} = "YES" ] ;then
> mkdir -p $PKG/usr/lib${LIBDIRSUFFIX}/mozilla/plugins
> cd $PKG/usr/lib${LIBDIRSUFFIX}/mozilla/plugins
> ln -sf /usr/lib${LIBDIRSUFFIX}/java/jre/lib/${LIB_ARCH}/libnpjp2.so libnpjp2.so
> else
> echo "
> The February Critical Patch Update for Java SE addresses 50 security
> vulnerabilities, 44 of which affect the use of Java as a plug-in for
> Web browers.
>
> !! THE MOZILLA PLUGIN IS NO LONGER ACTIVATED BY DEFAULT !!
> "
> sleep 5
> fi
>
> so, if you prefer, passing a variable EXPLOIT_ME=YES to the slackbuild, exposes you to the various java plugin exploits out there.
>
> The mailing list archive is here
> http://lists.slackbuilds.org/pipermail/slackbuilds-users/
>
> Matteo
>
>
> _______________________________________________
> SlackBuilds-users mailing list
> SlackBuilds-users at slackbuilds.org
> http://lists.slackbuilds.org/mailman/listinfo/slackbuilds-users
> Archives - http://lists.slackbuilds.org/pipermail/slackbuilds-users/
> FAQ - http://slackbuilds.org/faq/
>
>
>
--
Amateur Radio AD5DU.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.slackbuilds.org/pipermail/slackbuilds-users/attachments/20130418/c4a114b7/attachment.html>
More information about the SlackBuilds-users
mailing list