Novell Home

Patching Firefox Silently

Novell Cool Solutions: Trench
By John Ferrillo

Digg This - Slashdot This

Posted: 10 Sep 2004
 

We recently rolled out Mozilla Firefox 0.8, extolling the virtue that it is a more secure browser. For the most part our users were very happy. Then the shellblock vulnerability news hit. We are using a very customized build of Firefox and did not want to subject the users to yet another build just yet. Aahhh, behold the power of the ZEN. We needed a transparent way to roll out the patch without our 500+ users having to click anything.

This has probably been done before but I could not find it documented anywhere.

  1. We built a test machine with a clean, default build of Firefox and then took a snapshot of the machine.
  2. Then we installed the patch via the Firefox extension update interface.
  3. After the patch was installed, we then took another snapshot.
  4. We created the app in ConsoleOne based on the .axt file and then deleted the .fil file relating to perfdata.
  5. We then pushed out this app, silently without a rebuild, through ZENworks and our users never were the wiser.

To verify that the patch took place, open Firefox, in the browser line type "about:config", in the filter line, type "shell" and verify that the network.protocol.handler is set to false.

If you have any questions you may contact John at johnfe@co.cumberland.nj.us


Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com

© 2014 Novell