On 09/29/2011 03:50 PM, Robert Kaiser wrote: > NoOp schrieb: >> Blocking all versions of Java on all versions of Firefox + SeaMonkey? > > Yes. > >> Seriously? > > Yes, as it's a security hazard and we don't know of any plans of Oracle > to fix it. > >> Are you referring to this: >> https://bugzilla.mozilla.org/show_bug.cgi?id=689661 >> [Block Java Plugin due to security vulnerabilities (BEAST TLS and bug in >> same-origin-policy)] > > Yes. > >> Doing that kills sites that use java. Example: >> http://myspeed.visualware.com/index.php > > Yes. > >> Users can easily turn on/off java using prefbar. > > Doesn't apply to the majority of users that don't even know what prefbar > is. Users will be able to turn it on again if they must, but it's a > security risk. ...
Thanks for the clarification. Java goes off until either Mozilla and/or Oracle fix _their_ issues. Might be a good idea to post a separate thread/subject on this list informing users on how to easily disable Java via other means outside of prefbar. Tools|Add-ons Manager|Plugins|Java(TM) <version> Plug-in|Disable doesn't seem to work on 2.4.1 (linux). Nor via about:config: security.enable_java;false I can *only* disable (checking via http://java.com) via prefbar. I'll test in a 'test' profile to see if the results are different. _______________________________________________ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
