From:
[email protected]
Package: gcjwebplugin
Version: 0.3.0-1
Severity: normal
Tags: security
The gcjwebplugin web page (
http://www.nongnu.org/gcjwebplugin/) has the following very prominent warning:
WARNING:
The current version does not provide a security manager capable of
handling Java (tm) applets. Applets have UNRESTRICTED access to your
computer. This means they can do anything you can do, like deleting all
your important data.
Does this apply to the Debian package? Assuming that it does, I feel
that a similar warning should be shown. It could be included in the Description, but I think that something even more prominent is justified considering the seriousness of the problem. For example, there could be
a high-priority debconf question saying "A malicious web page could
trash your system, are you sure you want to install this?".
Regards, --Phil.
-- System Information:
Debian Release: testing/unstable
APT prefers testing
APT policy: (900, 'testing'), (800, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.3-1-686
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8
Versions of packages gcjwebplugin depends on:
ii libc6 2.3.2.ds1-11 GNU C Library: Shared libraries an ii libgcc1 1:3.4.1-4sarge1 GCC support library
ii libglib2.0-0 2.4.2-1 The GLib library of C routines
ii libstdc++5 1:3.3.4-2 The GNU Standard C++ Library v3
ii sablevm 1.1.6-2 Free implementation of Java Virtua
-- no debconf information
--
To UNSUBSCRIBE, email to
[email protected]
with a subject of "unsubscribe". Trouble? Contact
[email protected]
--- SoupGate-Win32 v1.05
* Origin: you cannot sedate... all the things you hate (1:229/2)