12 May
2009
12 May
'09
5:55 a.m.
On Monday 11 May 2009, Anurag wrote:
2009/5/11 Rony gnulinuxist@gmail.com:
It was just that but my query is how secure is browsing in Linux if javascript is enabled, given the fact that this sticky window would refuse to go? Does enabling of scripting in firefox bypass the Unix file self execute permission barrier?
From what I understand of mozilla's javascript engine, it runs inside
a sandbox and has no permission to do anything with the operating system. A javascript code wouldn't be able to automagically download files and set chmod bits.
Assuming that the sandbox implementation is secure. Afair there were holes in the jre. Especially M$ jre.
Anything Auto is a security hole EOM.
--
Rgds
JTD