blocking filesystem access in firefox > 3.5
- Details
- Kategorie: Anleitungen / Howto's
- Veröffentlicht am Freitag, 27. Januar 2012 01:34
- Geschrieben von Super User
- Zugriffe: 109
OK, I had this situation: I had to turn firefox 8 into a kiosk browser.
With addons like public fox, reset kiosk, r-kiosk and custom geometry/ff fullscreen the most part was done. Except, you could still enter file:// in the url bar and then see filesystem files.
To block that proved to be very very difficult. Most tutorials, hints and everything else seem to deal with browser.jar respectively browser.js inside that. Buut, firefox >= 4.0 has omni.jar, replacing browser.jar.
OK, after figuring that out, I found out that mozilla "optimized" jar. Normally, jar files are simple zip files, so either renaming them or having a proper tool will unpack them. It seems, Win7 explorer or WinZip are capable of unpacking. unzip under linux also managed to unpack it - but I doubted that simply zipping it would work too good.
After yet another round of googling I found this tool: http://hg.mozilla.org/mozilla-central/file/f7016571b472/config/optimizejars.py. Nice path, hmm? And, sure enough, documentation on how to use it is also scarce. To make a long googling short: python optimizejars.py --deoptimize ./ ./ ./ (in the path where omni.jar is).
The output of that will look something like this:
./omni.jar: startup data ends at byte 1338505
Deoptimized 199/1342 in ./omni.jar
Now you can open the jar file with e.g. mc, navigate to chrome/browser/content/browser/ inside and edit (F4) urlbarBindings.xml.
Find something similar to this inside:
[url, postData, mayInheritPrincipal] = this._canonizeURL(aTriggeringEvent);
if (!url)
return;
Right after the return; (before the closing bracket }), insert this:
if (url.match(/^file:/) || url.match(/^\//) || url.match(/^resource:/) || url.match(/^about:/)) {
alert("Access denied.");
exit
}
Save the file (F10), close mc and now "optimize" the file again: python optimizejars.py --optimize ./ ./ ./
This yields this output:
./omni.jar: startup data ends at byte 1338705
Ordered 199/1342 in ./omni.jar
Now that omni.jar can be copied back to it's original place and firefox should start with it.
Test the function of the added code by typing "file://" in the address bar. It should show an "access denied" in the browser window.
Credits:
- http://www.raymond.cc/blog/edit-files-inside-firefox-4-omni-jar-to-auto-save-password/
- http://hg.mozilla.org/mozilla-central/file/f7016571b472/config/optimizejars.py
- http://forums.mozillazine.org/viewtopic.php?p=7400035#p7400035
Definitely NO credits to mozilla.org or their coders for the > 100Mio. $ they spend each year. Their docs and examples are useless - and besides: how about integrating everything into firefox to enable a "-kiosk" switch, like opera has? If opera could handle motion jpeg files, I'd stick with that...
Quellcode Dateien zwischen Revisionen vergleichen
- Details
- Kategorie: Anleitungen / Howto's
- Veröffentlicht am Montag, 09. Januar 2012 21:59
- Geschrieben von Super User
- Zugriffe: 86
Wenn Quellcode im Revisionssystem git gespeichert ist, kann mittels folgendem Befehl eine Datei zwischen 2 Revisionen verglichen werden (am Beispiel des Linux Quellcodes):
git diff v2.6.26 v2.6.38 -- ./net/bridge/br_netfilter.c
Linux Kernel per git auschecken
- Details
- Kategorie: Anleitungen / Howto's
- Veröffentlicht am Montag, 09. Januar 2012 21:52
- Geschrieben von Super User
- Zugriffe: 86
Um einen Linux Kernel per git zu laden, muss folgender Befehlt ausgeführt werden:
git clone git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux-2.6.git
Dabei kommt folgende Ausgabe:
Cloning into linux-2.6...
remote: Counting objects: 2280391, done.
remote: Compressing objects: 100% (359558/359558), done.
remote: Total 2280391 (delta 1906838), reused 2271829 (delta 1898924)
Receiving objects: 100% (2280391/2280391), 452.27 MiB | 466 KiB/s, done.
Resolving deltas: 100% (1906838/1906838), done.
Danach liegt im aktuellen Verzeichnis ein Ordner "linux-2.6" mit den Kernel Quellen.
Aktualisiert werden kann danach mit folgendem Befehl:
git pull -k
FreeRDP 1.0 (git) unter Debian (Lenny) kompilieren
- Details
- Kategorie: Anleitungen / Howto's
- Veröffentlicht am Freitag, 16. September 2011 17:26
- Geschrieben von Super User
- Zugriffe: 202
In einem Projekte musste ich jetzt FreeRDP 1.0 (aus git ausgecheckt) unter Debian, speziell Lenny (5.0) kompilieren. Folgende Schritte sind nötig gewesen:
aptitude install build-essential git cmake libssl-dev libx11-dev libxext-dev libxinerama-dev libxcursor-dev libxv-dev libxkbfile-dev libasound2-dev libcups2-dev libncurses-dev lsb-build-base3 linux-libc-dev libc6-dev
git clone git://github.com/FreeRDP/FreeRDP.git
cd FreeRDP/
cmake . -DWITH_ALSA=off
make
Unter client/X11 liegt dann das Programm xfreerdp. Ausführen kann man es dann z.B. durch
client/X11/xfreerdp -h
worauf die Ausgabe kommt:
FreeRDP - A Free Remote Desktop Protocol Client
See http://www.freerdp.com for more information
Usage: client/X11/xfreerdp [options] server:port
-0: connect to console session
-a: set color depth in bit, default is 16
-c: initial working directory
-D: hide window decorations
-d: domain
-f: fullscreen mode
-g: set geometry, using format WxH or X% or 'workarea', default is 1024x768
-h: print this help
-k: set keyboard layout ID
-m: don't send mouse motion events
-n: hostname
-o: console audio
-p: password
-s: set startup-shell
-t: alternative port number, default is 3389
-u: username
-x: performance flags (m[odem], b[roadband] or l[an])
-z: enable compression
--app: RemoteApp connection. This implies -g workarea
--ext: load an extension
--no-auth: disable authentication
--no-fastpath: disable fast-path
--no-osb: disable off screen bitmaps, default on
--plugin: load a virtual channel plugin
--rfx: enable RemoteFX
--no-rdp: disable Standard RDP encryption
--no-tls: disable TLS encryption
--no-nla: disable network level authentication
--sec: force protocol security (rdp, tls or nla)
--version: print version information