Re: Questions on Security

On 06/06/2010 11:01 AM, Brian wrote:
On Thu 03 Jun 2010 at 18:03:34 -0400, Nathan Bahn wrote:

Attention all--

We're all ears!

I have read (at least, insofar as Windows operating systems are concerned)
that Java Script should be disabled on web browsers whenever possible
because of drive-by infections from infected websites. Does this also apply
to Linux?

Drive-by infections are triggered by a vulnerability in the browser. Firefox
on Linux doesn't appear to have any at present, so using JavaScript is not an

I like the "at present" part... Perhaps you missed my earlier post in
this thread:


and note that it's not just browsers.

Here, let me give you a sample:
[USN-586-1: mailman vulnerability]
Multiple cross-site scripting flaws were discovered in mailman. A
malicious list administrator could exploit this to execute arbitrary
JavaScript, potentially stealing user credentials.

That said: Mozilla (IMO) does an excellent job of addressing security
issues as soon as they are found. Better than Cisco, Adobe, HP, Apple,
Google & Oracle:


ubuntu-users mailing list
Modify settings or unsubscribe at: