Bug#660311: gnome-shell: silently installs a plugin into browsers

Christoph Anton Mitterer calestyo at scientia.net
Sat Feb 18 04:00:40 UTC 2012


Package: gnome-shell
Version: 3.2.2.1-1
Severity: important


Hi.

Actually I should have marked this serious,... this surely somehow violates the Policy or Social Contract...
Or at least the expectation of OpenSource/Debian not being evil.

I was really badly remembered to proprietary like AcrobatReader who annoyingly tries ships totally
unrealted 3rd party products like YahooTool bar with it...


When the guys at GNOME decided that they know better than 20 years of UI designing and started users forcing
GNOME Shell... (well more or less at least) the average Debian-GNOME user got that, too.

Now I've seen that they also ship their browser plugin:
/usr/lib/mozilla/plugins/libgnome-shell-browser-plugin.so
siletly with them.

No warning of doing so, nothing in the package description.


Reading the little documentation it even makes me think that the plugin is kind of a root kit,
allowing extensions from gnome.org being installed (which possibly no one has looked at and are not
security supported at all).



So please split this stupid pluin out in it's own package, make it suggested at most, disable it per default,
etc. pp.


Cheers,
Chris.





More information about the pkg-gnome-maintainers mailing list