jailbreak the browser
21 views
Skip to first unread message
complexjunk
Jun 13, 2008, 6:58:27 PM6/13/08
to Webconverger Users
The latest version (webc-3.0b2.mini) seems to have a security issue
for kiosks: you can save a file from a website and tell "open with..."
to point to one of the terminal programs found on the filesystem. From
there you have full access to wget anything on the web and run it.
I've seen other kiosk plugins for firefox, and they usually completely
disable the option to download anything. The unused programs also seem
unnecessary and an added risk.
This method did not work in webc-2.39.mini but the download manager is
still there (and takes up half the screen).
for kiosks: you can save a file from a website and tell "open with..."
to point to one of the terminal programs found on the filesystem. From
there you have full access to wget anything on the web and run it.
I've seen other kiosk plugins for firefox, and they usually completely
disable the option to download anything. The unused programs also seem
unnecessary and an added risk.
This method did not work in webc-2.39.mini but the download manager is
still there (and takes up half the screen).
Kai Hendry
Jun 15, 2008, 5:43:13 PM6/15/08
to webc-...@googlegroups.com
Thanks for pointing this out. I've forgotten to document this at
http://webconverger.org/todo/
http://webconverger.org/todo/
I meant to open a bug on Mozilla's Bugzilla too.
I haven't quite figured out how to disable some new features of FF3,
like their new download manager. Their "awesome bar" was difficult
enough. :)
http://git.webconverger.org/?p=iceweasel-webconverger.git;a=blob;f=webconverger.css
Everything is in git and if someone figures it out before I do, you'll
make definitely make it to the
http://webconverger.org/acknowledgements/
Kind regards,
Kai Hendry
Jun 16, 2008, 6:26:21 PM6/16/08
to webc-...@googlegroups.com
Ok, could you please test out webc3beta3?
http://webconverger.org/blog/entry/Disabling_downloads/
nn,
p1ho...@yahoo.com
Jun 16, 2008, 10:53:03 PM6/16/08
to Webconverger Users
Hi Hendry,
I tried out the webc3beta3.
1. On my IBM Z60t laptop, sound is not working on youtube.com or other
websites. download a file does not cause the download manager to be
running :)
2. After bootup shows the firefox, when close the firefox (click the
cross button on the right corner) you will see a error page. stpes to
produce is:
a: enter "http://www.rarsoft.com/download.htm" into the web
browser address bar.
b: click "WinRAR 3.80 beta 2", nothing happen.
c: click the tab close button, by right should see the
webconverger.png background pic then see new firefox is open, but
after click the close button, you will see a page shows "/tmp/
tqhpN3gh.bin.prt/ chould not be saved, becuase the source file could
not be read. Try again later, or contact the server administrator".
click the [ok] button, then you can see the webconverger.png
background pic then see new firefox is open.
Compare to beta2:
1. After bootup, xauth: creating new authority file /home/
webc/.Xauthority will be created twice, so ps ax can see two "sh /home/
webc/.xsession".
2. On Sony VGN-FE15 laptop, after bootup show the firefox browser,
display is not the correct 1280x800 resolution, but beta2 yes. i found
the beta3 146MB compared with beta2 160MB, i compared the package
file, seems you stripped out some xserver-xorg-video drivers.
3. during bootup, can see the screen (ctrl+alt+F1) has lots of error
messages compared with beta2 which is very clean, like in beta3 shows
cannot open /etc/fstab, zoneinfo/utc, standard locale ("C") problems
and etc.
4. after bootup shows the firefox, i still can use ctrl+alt+Fx, i
found /etc/X11/xorg.conf file shows is generated by dexconf, and there
is no ServerFlags compared with beta2. I think "home/webc/.xsession"
need to add back the "cat >> /etc/X11/xorg.conf <<WCEND..." like the
old file webconverger.init file (deleted). It seems in beta3, the xorg
ln -s is not working.
Thanks
I tried out the webc3beta3.
1. On my IBM Z60t laptop, sound is not working on youtube.com or other
websites. download a file does not cause the download manager to be
running :)
2. After bootup shows the firefox, when close the firefox (click the
cross button on the right corner) you will see a error page. stpes to
produce is:
a: enter "http://www.rarsoft.com/download.htm" into the web
browser address bar.
b: click "WinRAR 3.80 beta 2", nothing happen.
c: click the tab close button, by right should see the
webconverger.png background pic then see new firefox is open, but
after click the close button, you will see a page shows "/tmp/
tqhpN3gh.bin.prt/ chould not be saved, becuase the source file could
not be read. Try again later, or contact the server administrator".
click the [ok] button, then you can see the webconverger.png
background pic then see new firefox is open.
Compare to beta2:
1. After bootup, xauth: creating new authority file /home/
webc/.Xauthority will be created twice, so ps ax can see two "sh /home/
webc/.xsession".
2. On Sony VGN-FE15 laptop, after bootup show the firefox browser,
display is not the correct 1280x800 resolution, but beta2 yes. i found
the beta3 146MB compared with beta2 160MB, i compared the package
file, seems you stripped out some xserver-xorg-video drivers.
3. during bootup, can see the screen (ctrl+alt+F1) has lots of error
messages compared with beta2 which is very clean, like in beta3 shows
cannot open /etc/fstab, zoneinfo/utc, standard locale ("C") problems
and etc.
4. after bootup shows the firefox, i still can use ctrl+alt+Fx, i
found /etc/X11/xorg.conf file shows is generated by dexconf, and there
is no ServerFlags compared with beta2. I think "home/webc/.xsession"
need to add back the "cat >> /etc/X11/xorg.conf <<WCEND..." like the
old file webconverger.init file (deleted). It seems in beta3, the xorg
ln -s is not working.
Thanks
Reply all
Reply to author
Forward
0 new messages