[Ilugc] has anyone been successful in getting Chrome/chromium on rhel5.4 up and running

• From: ashwin.chn@xxxxxxxxx (ashwin kesavan)
• Date: Fri, 29 Jul 2011 21:16:00 +0530

On 29 July 2011 20:39, Arun Khan <knura9 at gmail.com> wrote:

You have an enterprise Linux installed in your system. ? It has a
package management system that ensures integrity of the system;
package dependencies as well as trust worthiness of the packages.

It is true that i am running the not so trusted package in enterprise
system. But it is not a server, but a system used as my desktop. It
has enterprise linux b'cos it is also meant for testing the code i
develop and for logging into production machines, since the code i
develop must be working in similar environment. and it has to be
secure b'cos it is exposed to production machines. But apart from
these two reasons this is not a production server by itself. Used more
as a testing ground for the perl scripts and bash scripts i develop
quite frequently and for which i make heavy use of internet whenever i
am stuck. So the browser i use is important b'cos it affects my
productivity.

It is best to install packages that are created from trusted source
and signed by the author(s) with a WoT. ? ?Otherwise, it is best to
build your own from source code.

The package you have downloaded may well have been created from
trusted sources but without a verifiable signature how do you know
that indeed it is the "original" package posted by the author?

yes i understand there is a risk of untrusted code being injected into
the system b'cos of unsigned package. But the reality is, no one is
giving a version of chromium (OSS) that could be run in my version of
rhel (which is still active not eol'ed) . And when i try to compile
from source it becomes almost impossible to compile b'cos current code
in svn of chromium is dependent on a hell a lot of libraries that are
not yet made available in rhel 5.4. So which means i have compile
those dependency library as well. i am not sure if there are more
dependencies for these dependent libs. If true s then i would be in
what is popularly know as "dependency hell", further when compiling
from source you have no easy way to stay updated with security
vulnerabilities as yum wont know about these packages. So in the end i
am exposed to security risk either way, compiling from src or using
unsigned package. AFAIK what this guy has done is he has taken a
legacy code which can work with the exisitng rhel 5.4 libs . So there
is a security risk that this chromium is unpatched. But since i am a
part of ops team, i have fairly good knowledge on the types of attack
and fast enough to identify the malicious sites, etc. It will become
difficult for cracker to break through my PC, since it is not directly
exposed to internet, and has a layer of firewall in between that does
some level of filtering and my PC is fully patched except for this
one. Considering the fact the many people are on the internet with
windows 2000 and similar. The amount of threat i am exposed to is
fairly minimal. In case you know of any specific violation in this
version of chromium pkg then please let me know, in which case i am
ready to take a dig inside dependency hell and try out my luck. But
without that it is just too much effort to achieve too little.
Further i have a question, are all signed packages trust worthy ? i
think we can  take this discussion to another thread, if people are
interested. I know a popular thread that happened in late 2004 or
early 2005 between the then ilugc's of sridhar ratna and sriram K.
where they battled out if linux is better security than windows by
design? In the end conclusion was something like linux is not entirely
away from security problems of windows. Theoretically atleast what
happened to windows can happen to linux as well, as most security
vulenrabilites are exploited not purely by technical stuff but
involves a fair level of user stupidity. which no matter how secure
you build your OS , will be cracked if the user makes stupid moves. So
lets not discuss this here, create a separate thread if interested.
Please don't discuss this user/tech topic here and contain ourselves
to chromium issue. period. Please search ilugc archives if interested.

with regards,
ashwin

• References:
  • [Ilugc] has anyone been successful in getting Chrome/chromium on rhel5.4 up and running
    • From: ashwin kesavan
  • [Ilugc] has anyone been successful in getting Chrome/chromium on rhel5.4 up and running
    • From: Arun SAG
  • [Ilugc] has anyone been successful in getting Chrome/chromium on rhel5.4 up and running
    • From: ashwin kesavan
  • [Ilugc] has anyone been successful in getting Chrome/chromium on rhel5.4 up and running
    • From: Arun Khan
  • [Ilugc] has anyone been successful in getting Chrome/chromium on rhel5.4 up and running
    • From: ashwin kesavan
  • [Ilugc] has anyone been successful in getting Chrome/chromium on rhel5.4 up and running
    • From: Arun Khan

Other related posts:

• » [Ilugc] has anyone been successful in getting Chrome/chromium on rhel5.4 up and running- ashwin kesavan
• » [Ilugc] has anyone been successful in getting Chrome/chromium on rhel5.4 up and running- Arun SAG
• » [Ilugc] has anyone been successful in getting Chrome/chromium on rhel5.4 up and running- ashwin kesavan
• » [Ilugc] has anyone been successful in getting Chrome/chromium on rhel5.4 up and running- Arun Khan
• » [Ilugc] has anyone been successful in getting Chrome/chromium on rhel5.4 up and running- ashwin kesavan
• » [Ilugc] has anyone been successful in getting Chrome/chromium on rhel5.4 up and running- Arun Khan
• » [Ilugc] has anyone been successful in getting Chrome/chromium on rhel5.4 up and running - ashwin kesavan

1. Home
2. ilugc
3. Archive
4. 07-2011

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---