On 11/03/2016 05:28 AM, Phil Wyett wrote:
On Wed, 2016-11-02 at 21:37 -0700, Alice Wonder wrote:
While doing a browser fingerprinting survey, I was quite surprised to see I actually have a FireFox plugin installed.
The culprit is
/usr/lib64/mozilla/plugins/librhythmbox-itms-detection-plugin.so
It appears that whoever maintains the rhythmbox RPM has chosen not to package the browser plugin separately like it probably should be. So if I have the rhythmbox RPM installed, I have the plugin.
This is rather worrisome because I can find no trace of the plugin in the Mozilla preferences panel, so if it is there it is very well hidden and if it really isn't there, it can't be disabled there.
Is there some kind of blacklist file I can put in /usr/lib64/mozilla/plugins/ or ~/.mozilla/plugins/ to specifically tell FireFox not to load that plugin, or do I have to uninstall rhythmbox?
Thank you for suggestions.
PS does anyone actually have a real world use for an itms detection plugin?
Hi,
It is possible to rebuild the package ( for CentOS 7) and disable this plugin being built.
Yes but then any update to rhythmbox would re-install it and it would become a pattern of build, rinse, repeat.
Hopefully the bugzilla I filed will result in an update being pushed with the plugin either gone or available in a separate package for those who do want it.