Update Greasemonkey! (in Off-topic)


AdminQBVerifex July 19 2005 3:28 AM EDT

I posted a link to an extension for Firefox named Greasemonkey a couple days ago along with a script I wrote. Its been fun to play with, but I was reading the mailing list regarding greasemonkey development and they found a security flaw that needs to be addressed before further versions can be released.

The author of Greasemonkey and a group of developers working with him have found that rogue web pages that happen to know you are running Greasemonkey (far and few between at this point I'm sure) can execute the GM-specific functions (trusted JS) by the pages the GM scripts are running on themselves. So please, UNINSTALL the Greasemonkey extension, and install the version located at the bottom of this page instead: http://mozdev.org/pipermail/greasemonkey/2005-July/004032.html

This is a version of greasemonkey that has many of the useful and great greasemonkey specific features disabled until a further security update is made to the extension itself.
This thread is closed to new posts. However, you are welcome to reference it from a new thread; link this with the html <a href="/bboard/q-and-a-fetch-msg.tcl?msg_id=001QqY">Update Greasemonkey!</a>