From owner-freebsd-questions@FreeBSD.ORG Tue Jun 29 06:01:53 2010 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id D0D38106567A for ; Tue, 29 Jun 2010 06:01:53 +0000 (UTC) (envelope-from m.seaman@infracaninophile.co.uk) Received: from smtp.infracaninophile.co.uk (lucid-nonsense.infracaninophile.co.uk [81.187.76.162]) by mx1.freebsd.org (Postfix) with ESMTP id 41FD28FC0C for ; Tue, 29 Jun 2010 06:01:52 +0000 (UTC) Received: from seedling.black-earth.co.uk (seedling.black-earth.co.uk [81.187.76.163]) (authenticated bits=0) by smtp.infracaninophile.co.uk (8.14.4/8.14.4) with ESMTP id o5T60SMU018956 (version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NO); Tue, 29 Jun 2010 07:00:28 +0100 (BST) (envelope-from m.seaman@infracaninophile.co.uk) Message-ID: <4C298BFC.40900@infracaninophile.co.uk> Date: Tue, 29 Jun 2010 07:00:28 +0100 From: Matthew Seaman Organization: Infracaninophile User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.1.10) Gecko/20100512 Thunderbird/3.0.5 MIME-Version: 1.0 To: "Richards, Toby" References: <2D1FF82777560B40A2FDD2AD17C6FC219BB8@aocex016a.srv.courts-tc.ca.gov> <20100628234113.9146fedf.freebsd@edvax.de> <2D1FF82777560B40A2FDD2AD17C6FC219BBA@aocex016a.srv.courts-tc.ca.gov> In-Reply-To: <2D1FF82777560B40A2FDD2AD17C6FC219BBA@aocex016a.srv.courts-tc.ca.gov> X-Enigmail-Version: 1.0.1 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-Virus-Scanned: clamav-milter 0.96.1 at lucid-nonsense.infracaninophile.co.uk X-Virus-Status: Clean X-Spam-Status: No, score=1.6 required=5.0 tests=BAYES_50,DKIM_ADSP_ALL, SPF_FAIL autolearn=no version=3.3.1 X-Spam-Level: * X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on lucid-nonsense.infracaninophile.co.uk Cc: Polytropon , freebsd-questions@freebsd.org Subject: Re: Question RE: Linux Mode X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 29 Jun 2010 06:01:53 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 29/06/2010 04:34:10, Richards, Toby wrote: > So as far as I can tell, turning Linux Mode on exposes another threat > vector. Can I turn on Linux Mode ONLY for a single binary (the Flash > plugin)? Unfortunately no. Enabling the linuxulator loads a kernel module which provides a linux compatible syscall interface and a linux-like /proc filesystem: given that and the availability of suitable Linux shlibs, then potentially any Linux application can be run. On the other hand, given Apple's trenchant opposition to Flash on the iPad and iPhone, you could just grit your teeth for a year or so, by which time most sites should be providing a flash-free alternative. The FlashBlock and NoScript add-on modules for firefox work pretty well to smooth over the rough edges caused by lack of Flash support. Cheers, Matthew - -- Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate JID: matthew@infracaninophile.co.uk Kent, CT11 9PW -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.14 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkwpi/wACgkQ8Mjk52CukIyf5wCeOgnl0G5s2aQFmiGK6wVUhsHh xncAn1EXXpTjo3H8enchoenO1wI8iVMR =DIY2 -----END PGP SIGNATURE-----