This is a more general question to an issue that came up in another thread.
Not to single out Iceweasel but, for example, IIUC, javascript and flashplayer end up running someone else's code on your computer as you. What are the security implications of this? What could a malicious flash or piece of javascript really do you files in your home directory? What are the security implications of this if you are also a member of group wheel, adm, or staff? As for my home directory, of course it has security-sensitve info: health info, passwords, and other private documents. Should I have a separate user setup for just running a javascript- and flash-enabled web browser? I know that any software can have bugs, but I think that software that has to keep up with features to be useable (e.g. a browser) is more likely to be at risk of unknown exploits than more feature-stable net-apps such as mutt, exim, ftp, or rsync. Doug. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]