While the attack coverage is certainly high, your proposal of unconditionally (forcibly) removing ~/.macromedia/Flash_Player on each login is incorrect. Imagine this scenario on a fresh boot:
1) Log in via gnome-session; 2) Open Web browser, and load embedded Flash that uses cookies; 3) Switch to tty1 4) Switch to tty7 If the Flash applet has not completed loading between steps (2) and (3), you've just blown away the cookie(s). Trivially, the "remove on logout" proposal is analogous. However, as a brutish hack, one could use gnome-session to invoke such a script running upon session login that forcibly removes the cookies. ** Changed in: flashplugin-nonfree (Ubuntu) Importance: Undecided => Low -- flashplugin-nonfree permanent cookies https://bugs.launchpad.net/bugs/283650 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
