Slash Boxes
NOTE: use Perl; is on undef hiatus. You can read content, but you can't post it. More info will be forthcoming forthcomingly.

All the Perl that's Practical to Extract and Report

use Perl Log In

Log In

[ Create a new account ]

Beatnik (493)

  (email not shown publicly)

A 29 year old belgian who likes Mountain Dew, Girl Scout Cookies, Tim Hortons French Vanilla Flavoured Cappucinno, Belgian beer, Belgian chocolate, Belgian women, Magners Cider, chocolate chipped cookies and Perl. Likes snowboarding, snorkling, sailing and silence. Bach can really cheer him up! He still misses his dog.

Project Daddy of Spine [], a mod_perl based CMS.

In his superhero time (8.30 AM to 5.30 PM), he works on world peace.

Journal of Beatnik (493)

Monday February 28, 2005
06:10 AM

Fixing a security leak

[ #23423 ]
In a normal setup, firefox can print to whatever you want.. In a strict environment, like libraries, you don't want the user to be able to print to xterm & and spawn a terminal window. You can h4x0r firefox so it wont show the button and radio buttons. I used Midnight Commander to go to /usr/lib/firefox/chrome and pressed enter on toolkit.jar. Inside toolkit.jar, move to content/global. Edit printdialog.xul and look for <row align="center"/> and change it to <row align="center" hidden="true"/> (basically telling Firefox to hide the radio buttons allowing selection of print output (file or printer). The next step is to hide the Properties button next to the printer drop down box. This is where lpr is usually defined. Look for <button id="properties".... Near the end, add hidden="true". It now should look like <button id="properties" label="&propertiesButton.label" hidden="true" oncommand="displayPropertiesDialog()"/>. Now all we have to do is drop the file selection part. Find the next code><row align="center"/> and insert the hidden tag like the first change. It should look like <row align="center" hidden="true"/>.

And you're done!
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
More | Login | Reply
Loading... please wait.
  • I didn't want to muck around with my Firebird install so I made these changes in the Real-time XUL Editor [].

    If I were working at a library, I'd also disable printing to a file and possibly the number of copies.

    • Some of the libraries we work for, have a queue manager. Limiting the number of copies is one thing, providing them with a shell is something completly different :)