LISTSERV - SCIENTIFIC-LINUX-USERS Archives

SCIENTIFIC-LINUX-USERS Archives

March 2016

SCIENTIFIC-LINUX-USERS@LISTSERV.FNAL.GOV

	LISTSERV Archives
	SCIENTIFIC-LINUX-USERS Home
	SCIENTIFIC-LINUX-USERS March 2016

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	SL6, firefox, flash, and upgrade failures
From:	Keith Lofstrom <[log in to unmask]>
Reply To:	[log in to unmask]
Date:	Tue, 22 Mar 2016 10:03:03 -0700
Content-Type:	text/plain
Parts/Attachments:	text/plain (57 lines)

Is there a way to TURN OFF Firefox "flash is insecure" nagging,
or FORCE "Always Activate" when it is grayed out in about:addons?


I run 32 bit SL6.x on most of my machines, which means running
the older enterprise version of Firefox.  Three experimental
machines are slowly being upgraded to 64 bit SL7.2, fixing
legacy incompatabilities and gratuitious behavior changes
before upgrading the rest.  Google Chrome is no longer
supported for 32 bits, and Google spyware is an issue anyway.

One frustrating timesink is dealing frequent Adobe flash
security upgrades and Firefox's failure to recognize that
the upgrades have already occured on the SL6.x machines. 
For example, though a recent YUM update automatically
updated /usr/lib/flash-plugin/libflashplayer.so from
11.2.202.569 to 11.2.202.577, Firefox insists the plugin
is still at 569.  

The only way I've found to fix that is to:

1) Stop all running instances of Firefox in all windows
2) yum erase flash-plugin
3) start Firefox (it recognizes that flash is gone)
4) stop Firefox
5) yum install flash-plugin
6) restart Firefox (recognizing the new flash version)

This takes about 10 minutes per machine (mostly (1), mostly 
documenting browser state), and occurs about once a month. 

Somewhere in the code, Firefox is asking some server about
the latest version of Firefox and flash (more spyware) but
not actually detecting the running version of flash.  I don't
expect the Firefox team to fix this ( they say "use the latest
version of mainline Firefox, use a newer distro, buy newer
machines" - personal conversations with Firefox team members),
so it may be up to us to fix this.  Hopefully there is a
configuration option that turns off the spyware.  Perhaps
we zero out the internet address used by the spyware (which
seems like a gaping security hole anyway).  We are blessed
with reliable distro updates, we don't need Firefox nagging.

I am upgrading to 7.2 mostly to push out the date of the
reemergence of similar sociopathic nonsense, but the Firefox
team will probably make more incompatible library changes in
the future that require enterprise Firefox versions for 7.x,
which they will subsequently fail to properly support.

How can we protect and extend the functional lifetime of our
longterm-supported distro, so we can focus on productive work?

Keith

-- 
Keith Lofstrom          [log in to unmask]

ATOM RSS1 RSS2

LISTSERV.FNAL.GOV