Hey all
Please don't dismiss me because what I have been doing is unsupported untill
you've read a little, I do realise you do far too much for too little as it is
and when I make enough money I'll hopefully become a donator and regular
merchandise/cd buyer.
Whilst the subject of firefox on current is covered and I understand to a
reasonable degree why firefox only has the bugfixes in current when the tree
is open and don't have the time right now to look into backporting which I
imagine will be rather difficult for such a large port especially in meeting
ports standards. I feel the info currently in the mailing list archives could
be more complete to enable me and others to make more educated decisions.
I've been running stable and have had the current firefox running seemingly
without problems (may be for months at a time and then obviously it will break
at some point and you upgrade and then it may be days, weeks or if your lucky
months before the build breaks and dependencies go too far out of sync.
I imagine the answer is to install stable keep going for as long as possible
untill firefox breaks get a snapshot and test it. Upgrade to that snapshot
when needed and install the latest firefox port. Or just sync with current
every month and make a backup before upgrading.
========================================================================
===
I do have a few questions however.
How much security would you lose by using say the opera linux browser or linux
firefox and installing the linux libs keeping an eye on libc6 vulns and others
compared to the openbsd firefox with pro police patches etc. How often might
these patches protect you from current vulnerabilities in firefox, usually in
javascript so I imagine not often, but then you can just just turn jscript
off?. I currently disable linux support when I don't intend to use it. It's
quite a good feeling, reading the latest vulnerability measures or stability
problems knowing you avoided it through a necessity policy. ipv6 + pf springs
to mind of many. (happens far less on OpenBSD of course but just using OpenBSD
gives that feeling when reading about Linux :)
Does anyone have any info about the Miros mirzilla firetapir port which is
said to build for openbsd and kept upto date??? Searching shows up nothing but
a few Miros pages and it's not installed on their livecd, which wouldn't boot
anyway. I also tried to find what the dispute between Theo and the Miros
project leader was but Couldn't find much.
What browser (perhaps a simple open source one) would you use for important
stuff fullstop or whilst firefox has vulns. I know this question has been
asked before so have there been any new ones come on the block. Dillo w3m and
lynx seemed popular on the lists. I'm sure I installed a graphical w3m but
haven't really tried it yet.
What's the most secure way of running java support occassionally within a
browser on openbsd and making sure it is disabled for the rest of the time.
Does anyone have any tips on getting good rendering speed in browsers on
graphic laden sites. I read on this list that now the ati driver has been open
sourced it is quite decent on openbsd. I'm guessing that doesn't include older
ati graphics chips in old laptops?
I thinks that's more than enough questions now, Thanks for your time
KeV
