I know that the Update Manager requires the ADMIN password to operate and this led me to ask: If Flash is a "plug in" why does it have to install via the Update Manager ?
I got this response:
right now I'm suspecting that what they call a "shared object" is the executable code for Flash. And they are putting it into /RootMike~Acker The admin password is required because the Flash Player shared object file is added to a directory, the web browser plug-in directory to be more specific, that is not writable by non-root users.
why?
hopefully if it is in fact the executable they (1) load it into user space, and (2) mark the pages it is loaded onto as {READ,EXEC} ( no write access). the program has to be RE-ENTRANT to do this (on MVS/370: PARM.LKED=(RENT, ... ) )
I'm trying to figure out why flash is such a horrible security problem and I think it's because, "in their need for speed", they are feeding raw, external internet data directly into a privileged process --
comments?