You have been subscribed to a public bug:

A crafted (or just malformed) applet in a page can cause not only the
applet's Java VM, but also the Firefox browser and your entire Gnome
windows session to die, losing all your work.

READ THE ABOVE LINE and save your work BEFORE you visit the following URL... 
http://cefn.com/blog/processing.html

The processing applet takes a while to load so if you're still reading
this page and don't want your desktop killed then Ctrl+Q your browser or
close the window/tab the URL is loading in.

Scrolling the window seems to contribute to the crash, so if you're
actually trying to crash it, then try moving the scrollbars or page up
and down.

Hopefully this crash is restricted to people with certain video cards or
something, but if it's as widely experienced as I fear, then an
invisible applet in a page could act as an attack to bring Ubuntu users'
entire desktop sessions down, although there's no evidence it provides a
means of code execution.

The processing.org source code used to create the applet is shown at the
offending URL, but was intended as a programming tutorial, so it really
isn't very complex and has no deliberately threatening code in it. I
suspect it's just the nature of the rendering used which creates the
problem. This could fall into an Xorg, Java or Firefox triage queue, as
they all contribute.

Although this 'attack' does require you to visit a URL, in my view it
shouldn't be possible for someone to smuggle an applet tag into a page
and kill your desktop remotely using the browser in its default
configuration.

I experienced this with sun-java6-plugin installed and without, on two
different laptop machines - one Dell, one Lenovo. They both have cheapo
Intel graphics cards, though.

A way forward in the short term could be to distribute a plugin with
Firefox which blocks Java content by default. If it was configurable to
block Flash and Silverlight too then it could be considered an Ubuntu
feature to have this installed and configurable by default.

Emerging developments in the separate threading of Firefox and Firefox
plugins may mitigate this kind of issue, although I fear in this
particular case the applet steps through all these layers and is able to
trigger a fairly low level hardware rendering bug.

ProblemType: Bug
DistroRelease: Ubuntu 10.04
Package: firefox 3.6.8+build1+nobinonly-0ubuntu0.10.04.1
ProcVersionSignature: Ubuntu 2.6.32-24.39-generic 2.6.32.15+drm33.5
Uname: Linux 2.6.32-24-generic i686
NonfreeKernelModules: wl
Architecture: i386
Date: Sun Aug  8 22:16:25 2010
EcryptfsInUse: Yes
FirefoxPackages:
 firefox 3.6.8+build1+nobinonly-0ubuntu0.10.04.1
 firefox-gnome-support 3.6.8+build1+nobinonly-0ubuntu0.10.04.1
 firefox-branding 3.6.8+build1+nobinonly-0ubuntu0.10.04.1
 abroswer N/A
 abrowser-branding N/A
InstallationMedia: Ubuntu 10.04 LTS "Lucid Lynx" - Release i386 (20100429)
ProcEnviron:
 LANG=en_GB.utf8
 SHELL=/bin/bash
SourcePackage: firefox

** Affects: xorg (Ubuntu)
     Importance: Undecided
         Status: Invalid


** Tags: apport-bug i386 lucid ubuntu-une
-- 
Bad applet kills Gnome desktop session on Firefox page load
https://bugs.launchpad.net/bugs/615138
You received this bug notification because you are a member of Ubuntu-X, which 
is subscribed to xorg in Ubuntu.
