[Bug 870821] Re: Numerous plugins should not be bundled together in packages for security reasons
870821 at bugs.launchpad.net
Fri Sep 21 11:42:31 UTC 2012
I created a new bug specifically for the gecko-mediaplayer package.
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to ubuntu-meta in Ubuntu.
Numerous plugins should not be bundled together in packages for
Status in “ubuntu-meta” package in Ubuntu:
Web browser plugins are a major vector for exploit on the internet.
For security reasons, it is best not to install plugins you don't
need. Yet Ubuntu-packages bundle numerous plugins together. For
example, if I use one single plugin (e.g., Windows Media Player Plug-
in), I have to install the gecko-mediaplayer package. Yet the gecko-
mediaplayer package installs 4 additional plugins in addition to the
Windows Media Player Plug-in. I NEVER use the 4 additional plugins
that are installed. Further, among the 4 additional plugins installed
are QuickTime and RealPlayer. Two plugins that are notoriously
exploited on the web.
Packages should not bundle so many plugins together. A separate
package should exist for each plugin. Or some other solution should be
developed that allows users to only install the plugin they actually
Security is a major problem these days and users should not have to
install more plugins than they actually use, especially when the
unused plugins are notorious for security vulnerabilities.
DistroRelease: Ubuntu 11.10
Package: gnome-session-bin 3.2.0-0ubuntu3
ProcVersionSignature: Ubuntu 3.0.0-12.20-generic 3.0.4
Uname: Linux 3.0.0-12-generic i686
Date: Sat Oct 8 12:08:41 2011
InstallationMedia: Ubuntu 11.10 "Oneiric Ocelot" - Beta i386 (20110901)
PATH=(custom, no user)
UpgradeStatus: Upgraded to oneiric on 2011-10-06 (1 days ago)
To manage notifications about this bug go to:
More information about the foundations-bugs