Re: with firefox on X11, any page can pastejack you anytime

Re: with firefox on X11, any page can pastejack you anytime

Open Source Security 

Posted by Donald Buczek on Oct 20

Yes, and „rm“ can delete all my files, but a piece of Javascript on random website, I visit with Firefox, is not
supposed to be able to do that.

A Javascript program from a website is not in the same security domain as the user and the commands and application he
invokes explicitly.

libX11 API is not exposed to Javascript, is it? Javascript is not able to communicate with your DISPLAY socket, is it?

To me it looks like a big issue….
 Read More 

Schreibe einen Kommentar

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert