On Fri, Nov 8, 2013 at 4:56 PM, Per Jessen
I disagree. The decision is a sign of consideration for the openSUSE user. The people on this list have the necessary information for evaluating the risk and avoiding any problems like this, but can you say that for the average user? If you really want to run Adobe Reader, install any suitable flavor of Windows in a Virtual Machine, share your entire Linux disk with that VM, and boot it when you need to process a PDF that okular cannot handle.
Larry, that is just not a viable alternative for the average user to whom we should be catering. To anyone technically able, the lack of acroread will only become a problem when it is no longer available for download or no longer runs on one's distro. I can work with that for my purposes until open-source alternatives have (hopefully) matured sufficiently, but Joe Bloggs and his grandmum cannot. I am repeating myself, but I remain puzzled by the lack of consideration for the openSUSE user, average or otherwise. I sincerely hope we/openSUSE are not turning into an ivory tower.
It's not a lack of concern, it's a lack of power. Adobe withdrew support. It's their software, their license. openSuse cannot ship software with known security holes by default. That's simply a disservice. The effective risk (way beyond potential at this point) far outweights any potential benefit. Malware attacks the vector with the least resistance, and up till now, that has usually been windows. But if openSuse starts shipping software with known vulnerabilities, that will change, and openSuse will be the best target. That's simply unacceptable. AppArmor, or a VM even, cannot compensate insecure software. It mitigates, but it does not compensate. There have been POC on how to compromise the host of a VM by compromising the VM itself as a pivoting point. So the only alternative left to OSS is the slow and painful one: build support for the missing features on the OS alternatives. If mupdf is promising, a mupdf frontend is only a natural step. I just wonder how much of an attack vector mupdf is, compared to adobe's software. I bet that hasn't been analyzed with any depth yet. -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org