The issue for me is the increasing use of what I think is bleeding edge javascript to render just about everything. Today, I found that both digitalocean and gmail won’t render on ESR52.
But sure I can run another browser, but if I do on macOS, and set my default browser to ESR52 (which it sees just fine), it works unless I either don’’t have it open, or else have a newer Firefox already running, and then that something starts up a profile manager window that doesn’t say which version of Firefox is going to open that profile. And that means you can destroy your ESR62 profile with the migration path to the hot new Firefox that you are trying to port your life-saving legacy webextension to. Three solutions come to mind: (1) Get the profile manager to at least say which browser is trying to open that profile. (2) Make ESR’s a real fork, and stop failing to pretend its FF52. (3) Upgrade ESR52’s javascript engine to something more modern. (I assume that this last is a non-starter, but I thought I’d ask after it). > On Apr 21, 2018, at 7:51 PM, Paul Kosinski <[email protected]> wrote: > > The main reason I run different instances of Firefox as different users > is *security*. If you simply run Firefox under one user with different > profiles, they all see the same file system. This is *not* what I want, > since Firefox might still have bugs that could allow nasty websites to > do damage to files, or even simply read files they shouldn't. > > What I do when I run them as different users is to run each > Firefox chroot-ed to a new /root directory, and, by using "mount > --bind", each user has a "/home" directory with only its own home > directory mounted there, plus only those shared directories that are > necessary, and finally, its own "/tmp" directory. This means that the > different Firefox instances cannot even know about any files belonging > to other users (even if those files originally were world readable), > so it serves as "defense in depth" in the face of Firefox bugs. > > Yes, I know that I should use kernel namespaces and fancy systemd > features, but I did this a while ago, and it would be time consuming to > convert for not a lot of gain. (Unless, perhaps, it would make it easy > to create security contexts on the fly...) > > By the way, in Windows I restrict which network shares are accessible > to the different users. Also, local directories can even be restricted > beyond the users under Users (but Windows ACLs can get quite tricky to > get right). > > Finally, it might be helpful to run the two radically different > versions of Firefox in different security contexts: I wouldn't be too > surprised if Quantum has more insecurities than Legacy (XUL) for some > time to come. (And I certainly would never want to run closed source > DRM-ed modules in the same context as private or sensitive data.) > > P.S. In KDE, I tend to use different "workspaces" to group my Firefox > instances, as I only have a few that I keep running long term. > > > > On Sat, 21 Apr 2018 11:23:31 -0600 > Stephen Dowdy <[email protected]> wrote: > >> My 2cents... >> >> I'm confused by the notion that running multiple versions/profiles of >> firefox is at all difficult -- at least on linux: >> >> {path-to-firefox-specific-version}/firefox -P {profile-name} >> --class=firefox_{profile-name} -no-remote -new-instance >> >> is all you need to run an infinite number (as much as your system can >> deal with) of versions and profiles as the user you are logged in as. >> >> This should work platform independently, though i don't use MacOS or >> Windows much, but i'm sure i have run at least multiple profiles of >> the same firefox version on Windows just fine (i don't think the >> 'class' cmdline arg does anything on Windows, though, but that's only >> useful for advanced grouping). (i know that Windows Registry >> probably doesn't support multiple firefox installs simultaneously >> (other than by "Channel"), but that'd be something Mozilla could Fix >> by creating Version-Dependent Registry sub-trees to avoid conflict (i >> doubt they are interested in doing that due to the low-payoff) >> >> I usually run 3 or more profiles at once (with hundreds of windows >> and thousands of tabs concurrently). As the "Web" has become more >> weaponized by "advertising" this gets harder and harder and more CPU >> and memory intensive, even with NoScript and the like. >> >> The hard part is keeping it all straight. >> >> I used to use 'showcase' to search down the tab i was looking for, >> but that's been deprecated. I now use "Tab >> Search" ( https://addons.mozilla.org/en-US/firefox/addon/tab_search/ >> ) which does a decent (though not complete) job of replacing >> 'showcase' >> >> I also useda different theme for each profile for visual distinction >> (solid color themes work well, or, for example, if you have a >> "facebook" firefox profile, use a theme that has the "f" icon in it. >> Unfortunately, firefox makes it darn hard to identify/brand the >> visual layout with your profile name. I used to use "Show Profile" >> to do this to insert the profile name in the window's Titlebar, but >> again, that was deprecated by the new extensions system (sigh). >> there are others (like "Crappy Firetitle", but i think that one did >> something to GLOBALLY affect ALL my profiles with its static title >> referencing (grr)). best thing Firefox offers there is >> "about:profiles" so you can wade through your dozens of profiles (for >> me, anyway), and finally come across the text "This is the profile in >> use and it cannot be deleted." to know which profile that window is >> using. >> >> Also, the task managers for your Desktop Environment (i use KDE), >> theoretically SHOULD group your icons for each firefox individually >> based upon the X11 "class" name you specify on the command line, but >> unfortunately, KDE/Plasma's icon-only-task-manager has really sucked >> after KDE3 and fails to do this properly for me most of the time. >> >> --stephen > >> > _______________________________________________ > Enterprise mailing list > [email protected] > https://mail.mozilla.org/listinfo/enterprise > > To unsubscribe from this list, please visit > https://mail.mozilla.org/listinfo/enterprise or send an email to > [email protected] with a subject of "unsubscribe" _______________________________________________ Enterprise mailing list [email protected] https://mail.mozilla.org/listinfo/enterprise To unsubscribe from this list, please visit https://mail.mozilla.org/listinfo/enterprise or send an email to [email protected] with a subject of "unsubscribe"
