>On Mon, Apr 07, 2008 at 05:20:01PM +0000, Matthew Szudzik wrote: >> On Mon, Apr 07, 2008 at 04:44:08PM +0000, Jacob Meuser wrote: >> > or, quit using firefox. it's security record is rather lousy, wouldn't >> > you agree? >> >> What alternatives to firefox do you suggest? > >On my main desktop, I use debian. While its not OpenBSD, they do >respond quickly to security problems and, on stable (Etch right now), >they backport the fix to the version in stable, and provide a new binary >update. While firefox is a large binary and takes a while to download >on dialup, at least there is not compile time. > >I wish there was a way to use OpenBSD for the main base system but to >use Debian binary packages (debs) for third-party apps. Looking into >the details of this is on my todo list. > >IIUC, debian debs can't be in something that is chrooted but I don't >understand the reasons or if it applies to all packages (e.g. >firefox/iceweasel). However, on debian chroots work just fine if the >right directories are mounted (e.g. proc). Debian has a package call >schroot which allows ordinary users to run programs as themselves in the >chroot and handles automatically bind-mounting necessary directories. >Each user gets their own copy of the chroot. > >Doug.
All things considered, if I'd known what my question was going to provoke, I'd have waited for 4.3. Sorry. Ed
