On 11/03/2016 05:28 AM, Phil Wyett wrote:
On Wed, 2016-11-02 at 21:37 -0700, Alice Wonder wrote:
While doing a browser fingerprinting survey, I was quite surprised to
see I actually have a FireFox plugin installed.

The culprit is

/usr/lib64/mozilla/plugins/librhythmbox-itms-detection-plugin.so

It appears that whoever maintains the rhythmbox RPM has chosen not to
package the browser plugin separately like it probably should be. So if
I have the rhythmbox RPM installed, I have the plugin.

This is rather worrisome because I can find no trace of the plugin in
the Mozilla preferences panel, so if it is there it is very well hidden
and if it really isn't there, it can't be disabled there.

Is there some kind of blacklist file I can put in
/usr/lib64/mozilla/plugins/ or ~/.mozilla/plugins/ to specifically tell
FireFox not to load that plugin, or do I have to uninstall rhythmbox?

Thank you for suggestions.

PS does anyone actually have a real world use for an itms detection plugin?

Hi,

It is possible to rebuild the package ( for CentOS 7) and disable this
plugin being built.

Yes but then any update to rhythmbox would re-install it and it would become a pattern of build, rinse, repeat.

Hopefully the bugzilla I filed will result in an update being pushed with the plugin either gone or available in a separate package for those who do want it.
_______________________________________________
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Reply via email to