[CentOS] And then there was one (browser)

Mon Feb 10 13:39:56 UTC 2014
Phelps, Matt <mphelps at cfa.harvard.edu>

On Sat, Feb 8, 2014 at 5:41 PM, Johnny Hughes <johnny at centos.org> wrote:

> On 02/06/2014 10:41 AM, Phelps, Matt wrote:
> > On Thu, Feb 6, 2014 at 11:12 AM, Fabian Arrotin
> > <fabian.arrotin at arrfab.net>wrote:
> >
> >> On 06/02/14 16:26, Phelps, Matt wrote:
> >>> On Wed, Feb 5, 2014 at 12:30 AM, Robert Arkiletian <robark at gmail.com>
> >> wrote:
> >>>> new potential remote code exploit in Chromium flash.
> >>>>
> >>
> http://googlechromereleases.blogspot.ca/2014/02/stable-channel-update.html
> >>>> Doesn't look like these repos are being updated.
> >>>> http://people.redhat.com/tpopela/rpms/
> >>>> http://people.centos.org/hughesjr/chromium/6/
> >>>>
> >>>> Any info on this issue would be welcome.
> >>>>
> >>>
> >>> Yes, please. Can the CentOS folks check with their newly minted Red Hat
> >>> brethren on this issue?
> >>>
> >>> This is getting critical for us. We have over a hundred CO6 desktops
> that
> >>> are currently running an insecure version of chromium. The security
> >> people
> >>> are all over us on this!
> >>>
> >>> We need to run chrome/chromium in order to manage our Google Apps for
> >>> Government deployment (for over 1000 users). It doesn't work right with
> >>> firefox.
> >>>
> >>> If we need to apply pressure elsewhere, please let us know where to
> >> direct
> >>> our fury.
> >>>
> >> ... to Google ? (especially because it's *their* browser to support
> >> *their* Google Apps ....)
> >>
> >>
> > Of course we already have notified Google.
> >
> > I was hoping for a little more granularity. Google is a large place; as
> is
> > Red Hat I know. There was word that Red Hat was working with Google on a
> > solution, and I was hoping to hear if there was any movement.
> >
> > I can't ask Red Hat since we don't pay for it, but perhaps the new CentOS
> > relationship with them can offer a channel of communication for the
> > Community.
> Sure, we talked to them (redhat).  That does not make the code actually
> build any faster.
> The code does not build (as is) on EL6 and each build needs to be
> troubleshot and error corrected to make it work.
> Currently there are several pieces not building ... just like there were
> before.  The 31 tree was finally made to build, after several changes,
> The 32 tree is not building.
> I like to use chromium as well ... but the only supported browser is
> Firefox ... that is the one with EL support.  Chromium is a best effort
> to get to build (and it always will be) ... Google has no interest in
> supporting it, so we are taking the code that they release and working
> with it until it builds on EL6.
Thanks Johnny,

The piece of information I was looking for was the bit about Google's
attitude towards the situation with respect to chrome (vs. chromium). I, of
course, appreciate the efforts on the CentOS end and realize it's not under
your control.

I was hoping Red Hat dollars would be influential to Google, and was merely
looking for any further information on weather Google's chrome would ever
work again on RHEL/CentOS 6 again, and if that might be available from you
guys, since you now work for them.

If there's any way to pass on the need for more pressure on Google,  from
Red Hat, that would be appreciated. We CentOS users can't do that directly.
We chose CentOS long ago for all the right reasons; chiefly that we can't
afford 150 RHEL licenses since we're in an academic environment (even with
academic rates).

The situation is highly frustrating, and we feel powerless.

> WRT your google apps docs ... OK, so have 2 browsers on your system.
> Use the chromium for your google apps and firefox for everything else.
The point is, we're close to being told to disable chromium and remove it
because version 31 is insecure.

> I told everyone that the chromium support was as can be made to work.
> If you REALLY need it to work, hire someone to maintain it :)

I appreciate the smiley face, but that should not be necessary to make the
worlds most popular browser work on the worlds most popular Enterprise
Linux distribution (and it's FOSS variants)!

Matt Phelps
System Administrator, Computation Facility
Harvard - Smithsonian Center for Astrophysics
mphelps at cfa.harvard.edu, http://www.cfa.harvard.edu