Re: Firefox 2.0.0.12
Hi! On Wed, Apr 09, 2008 at 12:07:53AM +0200, Zbigniew Baniewski wrote: On Tue, Apr 08, 2008 at 09:50:21PM +, james wrote: Include /usr/local/mozilla-firefox in the ldconfig line and run the ldconfig command through /usr/local/mozilla-firefox/run-mozilla.sh (or manually set LD_LIBRARY_PATH to include /usr/local/mozilla-firefox) I think, the latter method is better suitable for including individual cases. Or perhaps: would be, instead of is - because there's still no desired effect. I can't see any difference. I'm afraid, it can't be solved right now; currently it's just the way it is, and one has to live with that. It *felt* a bit faster after this: cd /usr/local/mozilla-firefox/ : Include firefox dir to shared library path ldconfig -m /usr/local/mozilla-firefox : prebind ldconfig -PS mozilla-firefox-bin : Exclude firefox dir again ldconfig -U /usr/local/mozilla-firefox : Rescan the normal shared libraries, to be sure ldconfig -R Kind regards, Hannah.
Re: Firefox 2.0.0.12
On Mon, Apr 07, 2008 at 05:20:01PM +, Matthew Szudzik wrote: On Mon, Apr 07, 2008 at 04:44:08PM +, Jacob Meuser wrote: or, quit using firefox. it's security record is rather lousy, wouldn't you agree? What alternatives to firefox do you suggest? On my main desktop, I use debian. While its not OpenBSD, they do respond quickly to security problems and, on stable (Etch right now), they backport the fix to the version in stable, and provide a new binary update. While firefox is a large binary and takes a while to download on dialup, at least there is not compile time. I wish there was a way to use OpenBSD for the main base system but to use Debian binary packages (debs) for third-party apps. Looking into the details of this is on my todo list. IIUC, debian debs can't be in something that is chrooted but I don't understand the reasons or if it applies to all packages (e.g. firefox/iceweasel). However, on debian chroots work just fine if the right directories are mounted (e.g. proc). Debian has a package call schroot which allows ordinary users to run programs as themselves in the chroot and handles automatically bind-mounting necessary directories. Each user gets their own copy of the chroot. Doug. All things considered, if I'd known what my question was going to provoke, I'd have waited for 4.3. Sorry. Ed
Re: Firefox 2.0.0.12
On Mon, Apr 07, 2008 at 04:44:08PM +, Jacob Meuser wrote: or, quit using firefox. it's security record is rather lousy, wouldn't you agree? What alternatives to firefox do you suggest? Seamonkey? Also, (for the rest of you on misc) as far as security goes, the OpenBSD development team are developing OpenBSD. So don't blame them for the ports maintainer. Also, go and look at the exploits and security problems in firefox which mostly have to do with BHO and the like that don't even exist or work on OpenBSD anyway because OpenBSD in itself is secure. I use Seamonkey. It works. Why use Seamonkey? It is more resource friendly than running Firefox+Thunderbird+whatever. Regards Dusty
Re: Firefox 2.0.0.12
on obsd 4.2 SM is 1.1.4... there are some issues But in any case I absolutely agree with you that fatfox is very resource-unfriendly I think I'm going to switch to links Is there a flash plugin for it?? ... hehe By the way... why is lynx default page openbsd.org? I thought all packages were vanilla. I'm fine with it, just wondering. - Fixed in SeaMonkey 1.1.9 MFSA 2008-19 XUL popup spoofing variant (cross-tab popups) MFSA 2008-18 Java socket connection to any local port via LiveConnect MFSA 2008-17 Privacy issue with SSL Client Authentication MFSA 2008-16 HTTP Referrer spoofing with malformed URLs MFSA 2008-15 Crashes with evidence of memory corruption (rv:1.8.1.13) MFSA 2008-14 JavaScript privilege escalation and arbitrary code execution Fixed in SeaMonkey 1.1.8 MFSA 2008-13 Multiple XSS vulnerabilities from character encoding MFSA 2008-10 URL token stealing via stylesheet redirect MFSA 2008-09 Mishandling of locally-saved plain text files MFSA 2008-07 Possible information disclosure in BMP decoder MFSA 2008-06 Web browsing history and forward navigation stealing MFSA 2008-05 Directory traversal via chrome: URI MFSA 2008-03 Privilege escalation, XSS, Remote Code Execution MFSA 2008-02 Multiple file input focus stealing vulnerabilities MFSA 2008-01 Crashes with evidence of memory corruption (rv:1.8.1.12) Fixed in SeaMonkey 1.1.7 MFSA 2007-39 Referer-spoofing via window.location race condition MFSA 2007-38 Memory corruption vulnerabilities (rv:1.8.1.10) MFSA 2007-37 jar: URI scheme XSS hazard Fixed in SeaMonkey 1.1.5 MFSA 2007-36 URIs with invalid %-encoding mishandled by Windows MFSA 2007-35 XPCNativeWrapper pollution using Script object MFSA 2007-34 Possible file stealing through sftp protocol MFSA 2007-33 XUL pages can hide the window titlebar MFSA 2007-32 File input focus stealing vulnerability MFSA 2007-31 Browser digest authentication request splitting MFSA 2007-30 onUnload Tailgating MFSA 2007-29 Crashes with evidence of memory corruption (rv:1.8.1.8) MFSA 2007-28 Code execution via QuickTime Media-link files 2008/4/8, Dusty [EMAIL PROTECTED]: On Mon, Apr 07, 2008 at 04:44:08PM +, Jacob Meuser wrote: or, quit using firefox. it's security record is rather lousy, wouldn't you agree? What alternatives to firefox do you suggest? Seamonkey? Also, (for the rest of you on misc) as far as security goes, the OpenBSD development team are developing OpenBSD. So don't blame them for the ports maintainer. Also, go and look at the exploits and security problems in firefox which mostly have to do with BHO and the like that don't even exist or work on OpenBSD anyway because OpenBSD in itself is secure. I use Seamonkey. It works. Why use Seamonkey? It is more resource friendly than running Firefox+Thunderbird+whatever. Regards Dusty
Re: Firefox 2.0.0.12
On Tue, Apr 08, 2008 at 02:51:32PM +0200, Dusty wrote: I use Seamonkey. It works. Why use Seamonkey? It is more resource friendly than running Firefox+Thunderbird+whatever. Both are starting in about the same - long - time: 20 seconds... :/ (Pentium II 400, 256 MB RAM, SATA drive, OpenBSD 4.2) Perhaps someone could make a tip, how could I make that start-up period shorter? Yes, I know: buy new hardware. Any other available solutions? There should be the other ones; on the NetBSD 3.1 Firefox is ready to work in about 4 seconds... quite a difference, isn't it? -- pozdrawiam / regards Zbigniew Baniewski
Re: Firefox 2.0.0.12
Hi! On Tue, Apr 08, 2008 at 04:34:49PM +0200, Zbigniew Baniewski wrote: On Tue, Apr 08, 2008 at 02:51:32PM +0200, Dusty wrote: I use Seamonkey. It works. Why use Seamonkey? It is more resource friendly than running Firefox+Thunderbird+whatever. Both are starting in about the same - long - time: 20 seconds... :/ (Pentium II 400, 256 MB RAM, SATA drive, OpenBSD 4.2) Perhaps someone could make a tip, how could I make that start-up period shorter? Yes, I know: buy new hardware. Any other available solutions? Doesn't help. With 1GHz and 768 MB RAM, it takes two-figure amounts of seconds, too. Deleting the files XPC.mfasl and XUL.mfasl files in your profile occasionally can help a *bit* in some aspects of performance, but as far as I can observe, not in startup time. There should be the other ones; on the NetBSD 3.1 Firefox is ready to work in about 4 seconds... quite a difference, isn't it? Do they already do prebinding? Kind regards, Hannah.
Re: Firefox 2.0.0.12
On Tue, Apr 08, 2008 at 04:45:15PM +0200, Hannah Schroeter wrote: There should be the other ones; on the NetBSD 3.1 Firefox is ready to work in about 4 seconds... quite a difference, isn't it? Do they already do prebinding? AFAIK they have something called RelCache (aka ELF prebinding), f.e. http://mail-index.netbsd.org/tech-userlevel/2002/12/04/0017.html You mean, exactly this is making a difference? -- pozdrawiam / regards Zbigniew Baniewski
Re: Firefox 2.0.0.12
On Tue, Apr 08, 2008 at 04:34:49PM +0200, Zbigniew Baniewski wrote: On Tue, Apr 08, 2008 at 02:51:32PM +0200, Dusty wrote: I use Seamonkey. It works. Why use Seamonkey? It is more resource friendly than running Firefox+Thunderbird+whatever. Both are starting in about the same - long - time: 20 seconds... :/ (Pentium II 400, 256 MB RAM, SATA drive, OpenBSD 4.2) Perhaps someone could make a tip, how could I make that start-up period shorter? Yes, I know: buy new hardware. Any other available solutions? There should be the other ones; on the NetBSD 3.1 Firefox is ready to work in about 4 seconds... quite a difference, isn't it? -- pozdrawiam / regards Zbigniew Baniewski There is a system already present in OpenBSD called prebind (see ldconfig(8)) that does this type of speedup, however the ports integration was never finished. Most of the issue with ports was that the mechanism used modifies the md5 values for each binary and library. If the md5 package checking mechanism could detect the prebind data and 'ignore' it, then the md5 values could be verified. While no problems with the full system scan of prebind, the update mode (which ports would use) may have had a problem. Dale Rahn [EMAIL PROTECTED]
Re: Firefox 2.0.0.12
In my case this does help ldconfig -SP /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin /usr/X11R6/bin and has never been a problem 2008/4/8, Dale Rahn [EMAIL PROTECTED]: On Tue, Apr 08, 2008 at 04:34:49PM +0200, Zbigniew Baniewski wrote: On Tue, Apr 08, 2008 at 02:51:32PM +0200, Dusty wrote: I use Seamonkey. It works. Why use Seamonkey? It is more resource friendly than running Firefox+Thunderbird+whatever. Both are starting in about the same - long - time: 20 seconds... :/ (Pentium II 400, 256 MB RAM, SATA drive, OpenBSD 4.2) Perhaps someone could make a tip, how could I make that start-up period shorter? Yes, I know: buy new hardware. Any other available solutions? There should be the other ones; on the NetBSD 3.1 Firefox is ready to work in about 4 seconds... quite a difference, isn't it? -- pozdrawiam / regards Zbigniew Baniewski There is a system already present in OpenBSD called prebind (see ldconfig(8)) that does this type of speedup, however the ports integration was never finished. Most of the issue with ports was that the mechanism used modifies the md5 values for each binary and library. If the md5 package checking mechanism could detect the prebind data and 'ignore' it, then the md5 values could be verified. While no problems with the full system scan of prebind, the update mode (which ports would use) may have had a problem. Dale Rahn [EMAIL PROTECTED]
Re: Firefox 2.0.0.12
On Tue, Apr 08, 2008 at 07:03:43PM +0200, Pau wrote: In my case this does help ldconfig -SP /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin /usr/X11R6/bin Just tried the sequence - can't see any difference, unfortunately. -- pozdrawiam / regards Zbigniew Baniewski
Re: Firefox 2.0.0.12
It's made to be secure, it's prone to be installed on a server not just a fuckin desktop o.s. Well, it depends. I use OpenBSD as a critical-mission server and as a common daily desktop. I'm very happy in both cases. A secure, funcional and free desktop, of course. -- Thanks, Jordi Espasa Clofent
Re: Firefox 2.0.0.12
Zbigniew Baniewski writes: ldconfig -SP /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin /usr/X11R6/bin Just tried the sequence - can't see any difference, unfortunately. Not suprising as the firefox binary is not in any of the given paths. // marc
Re: Firefox 2.0.0.12
On Tue, Apr 08, 2008 at 01:39:29PM -0700, Marco S Hyman wrote: ldconfig -SP /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin /usr/X11R6/bin Just tried the sequence - can't see any difference, unfortunately. Not suprising as the firefox binary is not in any of the given paths. Yes, you're right... :-O didn't check, that which firefox returns just the location of startup script. But including its own sub-dir wasn't helpful neither; several failed to load errors. I'm afraid, one has to wait a little(?) for something a'la NetBSD's RelCache. -- pozdrawiam / regards Zbigniew Baniewski
Re: Firefox 2.0.0.12
Zbigniew Baniewski zb at ispid.com.pl writes: On Tue, Apr 08, 2008 at 01:39:29PM -0700, Marco S Hyman wrote: ldconfig -SP /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin /usr/X11R6/bin Just tried the sequence - can't see any difference, unfortunately. Not suprising as the firefox binary is not in any of the given paths. Yes, you're right... :-O didn't check, that which firefox returns just the location of startup script. But including its own sub-dir wasn't helpful neither; several failed to load errors. I'm afraid, one has to wait a little(?) for something a'la NetBSD's RelCache. Include /usr/local/mozilla-firefox in the ldconfig line and run the ldconfig command through /usr/local/mozilla-firefox/run-mozilla.sh (or manually set LD_LIBRARY_PATH to include /usr/local/mozilla-firefox)
Re: Firefox 2.0.0.12
On Tue, Apr 8, 2008 at 5:21 PM, Zbigniew Baniewski [EMAIL PROTECTED] wrote: On Tue, Apr 08, 2008 at 04:45:15PM +0200, Hannah Schroeter wrote: There should be the other ones; on the NetBSD 3.1 Firefox is ready to work in about 4 seconds... quite a difference, isn't it? Do they already do prebinding? AFAIK they have something called RelCache (aka ELF prebinding), f.e. http://mail-index.netbsd.org/tech-userlevel/2002/12/04/0017.html You mean, exactly this is making a difference? If I recall correctly, it was never commited to the sources. Anyway, NetBSD haven't any prelink/prebind feature now. Daniel -- Daniel Horecki http://morr.pl
Re: Firefox 2.0.0.12
On Tue, Apr 08, 2008 at 09:50:21PM +, james wrote: Include /usr/local/mozilla-firefox in the ldconfig line and run the ldconfig command through /usr/local/mozilla-firefox/run-mozilla.sh (or manually set LD_LIBRARY_PATH to include /usr/local/mozilla-firefox) I think, the latter method is better suitable for including individual cases. Or perhaps: would be, instead of is - because there's still no desired effect. I can't see any difference. I'm afraid, it can't be solved right now; currently it's just the way it is, and one has to live with that. -- pozdrawiam / regards Zbigniew Baniewski
Re: Firefox 2.0.0.12
On Tue, Apr 08, 2008 at 11:56:29PM +0200, Daniel Horecki wrote: http://mail-index.netbsd.org/tech-userlevel/2002/12/04/0017.html You mean, exactly this is making a difference? If I recall correctly, it was never commited to the sources. Anyway, NetBSD haven't any prelink/prebind feature now. So what exactly is making firefox's startup time under NetBSD much shorter? -- pozdrawiam / regards Zbigniew Baniewski
Re: Firefox 2.0.0.12
Matthew Szudzik wrote: What alternatives to firefox do you suggest? /usr/bin/lynx is actually pretty good for a lot of things, and if you rebuild it with '--enable-externs', it can launch scripts or another browser on the current page or current link. It even has an almost foolproof advertisement filter built-in. Only google has managed to break that filter. :-) On the graphics side, links+ is excellent. It's blazing fast compared to everything else, and makes firefox look like a bloated pig. Unfortunately its Javascript implemention is almost non-existent. Because of that, you might not be able to use it to login to your online banking site, so keep the pig around (but only use it for the bank website). -- Stephen Takacs [EMAIL PROTECTED] http://perlguru.net/ 4149 FD56 D078 C988 9027 1EB4 04CC F80F 72CB 09DA
Re: Firefox 2.0.0.12
On Mon, Apr 07, 2008 at 05:20:01PM +, Matthew Szudzik wrote: On Mon, Apr 07, 2008 at 04:44:08PM +, Jacob Meuser wrote: or, quit using firefox. it's security record is rather lousy, wouldn't you agree? What alternatives to firefox do you suggest? On my main desktop, I use debian. While its not OpenBSD, they do respond quickly to security problems and, on stable (Etch right now), they backport the fix to the version in stable, and provide a new binary update. While firefox is a large binary and takes a while to download on dialup, at least there is not compile time. I wish there was a way to use OpenBSD for the main base system but to use Debian binary packages (debs) for third-party apps. Looking into the details of this is on my todo list. IIUC, debian debs can't be in something that is chrooted but I don't understand the reasons or if it applies to all packages (e.g. firefox/iceweasel). However, on debian chroots work just fine if the right directories are mounted (e.g. proc). Debian has a package call schroot which allows ordinary users to run programs as themselves in the chroot and handles automatically bind-mounting necessary directories. Each user gets their own copy of the chroot. Doug.
Re: Firefox 2.0.0.12
I back ported Firefox 2.0.0.12 to OpenBSD 4.2+patches, I can't believe the OpenBSD team is letting people use the insecure 2.0.0.6 version, We believe in security my ass. OpenBSD 4.3 will have 2.0.0.12, unfortunately 2.0.0.13 is out, and that fixes yet another security problem... so, manual back porting is the only option, I don't know why they give the people using -CURRENT the secured ports, more people use -RELEASE or -STABLE, so they should be providing resources for OUR security, not the extremists living on -CURRENT.. compiling their entire system from scratch every other hour/day/week. (Who the hell could live like that? f**king insanity!). Anyway, if you want the 2.0.0.12 package, I'll send it either via email or some file sharing site, along with the nspr update. -Nix Fan.
Re: Firefox 2.0.0.12
On Mon, Apr 07, 2008 at 05:43:43AM -0700, Unix Fan wrote: I back ported Firefox 2.0.0.12 to OpenBSD 4.2+patches, I can't believe the OpenBSD team is letting people use the insecure 2.0.0.6 version, We believe in security my ass. or, quit using firefox. it's security record is rather lousy, wouldn't you agree? -- [EMAIL PROTECTED] SDF Public Access UNIX System - http://sdf.lonestar.org
Re: Firefox 2.0.0.12
* Unix Fan [EMAIL PROTECTED] [080407 08:57]: I back ported Firefox 2.0.0.12 to OpenBSD 4.2+patches, I can't believe the OpenBSD team is letting people use the insecure 2.0.0.6 version, We believe in security my ass. OpenBSD 4.3 will have 2.0.0.12, unfortunately 2.0.0.13 is out, and that fixes yet another security problem... so, manual back porting is the only option, I don't know why they give the people using -CURRENT the secured ports, more people use -RELEASE or -STABLE, so they should be providing resources for OUR security, not the extremists living on -CURRENT.. compiling their entire system from scratch every other hour/day/week. (Who the hell could live like that? f**king insanity!). Anyway, if you want the 2.0.0.12 package, I'll send it either via email or some file sharing site, along with the nspr update. -Nix Fan. ahem, snaphots... It's not that hard. You don't have to roll your own release to stay very close to -current. That gets you the base system. Then just use your ports tree to build and update your add on software. Security is a team effort here and the end user is part of that team. Jim
Re: Firefox 2.0.0.12
Jacob Meuser wrote: or, quit using firefox. it's security record is rather lousy, wouldn't you agree? That's a stupid outlook on things... 2.0.0.6 was released in July, that's a hell of a long time between April, exploits in depencies are bound to show up in that time frame. OpenBSD developers are intentionally putting their users at risk by not providing security updates, because... no workstation can sanely be secure if the only decent web browser is several versions behind. As for other browsers, there are none... switching to the KDE thing would require.. KDE, or at least several of it's libraries, which is stupid if you're not using KDE or QT. If only text had expressive emoticons, because I'd be rolling my eyes right about now... -Nix Fan.
Re: Firefox 2.0.0.12
Jacob Meuser wrote: or, quit using firefox. it's security record is rather lousy, wouldn't you agree? That's a stupid outlook on things... 2.0.0.6 was released in July, that's a hell of a long time between April, exploits in depencies are bound to show up in that time frame. OpenBSD developers are intentionally putting their users at risk by not providing security updates, because... no workstation can sanely be secure if the only decent web browser is several versions behind. As for other browsers, there are none... switching to the KDE thing would require.. KDE, or at least several of it's libraries, which is stupid if you're not using KDE or QT. If only text had expressive emoticons, because I'd be rolling my eyes right about now... -Nix Fan. Why not use Dillo? Fast, light weight. If your site doesn't work in Dillo, why not make it work? http://www.openbsd.org renders in it. You're welcome to submit patches to the dillo team.
Re: Firefox 2.0.0.12
Unix Fan wrote: Jacob Meuser wrote: or, quit using firefox. it's security record is rather lousy, wouldn't you agree? That's a stupid outlook on things... 2.0.0.6 was released in July, that's a hell of a long time between April, exploits in depencies are bound to show up in that time frame. OpenBSD developers are intentionally putting their users at risk by not providing security updates, because... no workstation can sanely be secure if the only decent web browser is several versions behind. As for other browsers, there are none... switching to the KDE thing would require.. KDE, or at least several of it's libraries, which is stupid if you're not using KDE or QT. If only text had expressive emoticons, because I'd be rolling my eyes right about now... -Nix Fan. Didn't you participate in this flamefest already: http://marc.info/?l=openbsd-miscm=119750317632017w=2 You already know the reasons for this. -Nick
Re: Firefox 2.0.0.12
On Mon, Apr 07, 2008 at 04:44:08PM +, Jacob Meuser wrote: or, quit using firefox. it's security record is rather lousy, wouldn't you agree? What alternatives to firefox do you suggest?
Re: Firefox 2.0.0.12
Nick Templeton wrote: Didn't you participate in this flamefest already: http://marc.info/?l=openbsd-miscm=119750317632017w=2 You already know the reasons for this. -Nick Why yes, it would seem I did previously participate in an almost identical discussion... the things you learn. :) Do me a favour, discontinue stating the obvious.. it's not an appealing trait. ;) -Nix Fan.
Re: Firefox 2.0.0.12
Devin Smith wrote: Why not use Dillo? Fast, light weight. If your site doesn't work in Dillo, why not make it work? http://www.openbsd.org renders in it. You're welcome to submit patches to the dillo team. Because it's the worlds must lamest browser, next to lynx of coarse. None of the sites I visit render properly in it, HTML valid, as for my site.. I don't have one, what kind of idiot uses browses their own site? I'd prefer somethings that's going to support at least 5 web sites. I remember you from Naken Chat, you were cooler back then... ;) -Nix Fan.
Re: Firefox 2.0.0.12
On Mon, Apr 7, 2008 at 10:39 AM, Devin Smith [EMAIL PROTECTED] wrote: You're welcome to submit patches to the dillo team. To a project that has a two year old changelog, and hasn't updated their website in approximately the same timeframe? Is dillo development active on some underground level that I'm not aware of? -- Systems Programmer, Principal Electrical Computer Engineering The University of Arizona [EMAIL PROTECTED]
Re: Firefox 2.0.0.12
...providing resources for OUR security... what, like untrusted binaries from an unknown anonymous source, sent via some file sharing site? If I ran 4.2 on boxes where I use a web browser, I'd sooner take my chances with slightly older OpenBSD-provided packages and noscript. You do realise that with your abrasive posts, you're pissing off the very people you're suggesting do the work, right?
Re: Firefox 2.0.0.12
You do realise that with your abrasive posts, you're pissing off the very people you're suggesting do the work, right? I don't think they realise
Re: Firefox 2.0.0.12
Stuart Henderson wrote: .. You do realise that with your abrasive posts, you're pissing off the very people you're suggesting do the work, right? Yes, I realise that, and I'm not trying to offend...intentionally.. *sigh*... I'll stop posting, the developers have already made it clear to us end-users... We'll provide you with a secure system, but.. hell, once you get it.. it won't be secure anymore, wait another 6 months, it'll be secure again. briefly. Frustration leads to insults and panic, Thus, here I am, expressing my humanity, I'm not a machine.. -Nix Fan.
Re: Firefox 2.0.0.12
On Mon, Apr 07, 2008 at 12:00:44PM -0700, Unix Fan wrote: ... I'll stop posting, the developers have already made it clear to us end-users... We'll provide you with a secure system, but.. hell, once you get it.. it won't be secure anymore, wait another 6 months, it'll be secure again. briefly. Frustration leads to insults and panic, Thus, here I am, expressing my humanity, I'm not a machine.. Are you human? I was going on the assumption that you were a made up character -- someone's parody of the demanding and entitled free software user. If that's not the case I'd suggest you speak only for yourself and not all end-users. -- Mike Small [EMAIL PROTECTED]
Re: Firefox 2.0.0.12
On Monday 07 April 2008 14:00, you wrote: We'll provide you with a secure system, but.. hell, once you get it.. it won't be secure anymore, wait another 6 months, it'll be secure again. briefly. The developers provide a secure system that can be downloaded completely free of charge. If you want the system to remain updated with regards to patches, then you have to do the patching yourself. Note that the patches are also provided freely. What more do you want? Is it reasonable to expect any more? You're already getting quite a bit... The packages/ports might lag a bit from the base system. If you are that concerned about it, either lend a hand maintaining the packages important to you, or consider that perhaps OpenBSD is not the OS for you. You are not OpenBSD's target audience. The developers produce it for themselves. That you happen to be able to derive value from it should be considered as the generous gift it is, and treated as such. If you do not get enough value from it to make it worth using for you, then go find something else. There are plenty of other operating systems out there. Dan RamaleyDial Center 118, Drake University Network Programmer/Analyst 2407 Carpenter Ave +1 515 271-4540Des Moines IA 50311 USA
Re: Firefox 2.0.0.12
On Mon, Apr 7, 2008 at 2:44 PM, Daniel A. Ramaley [EMAIL PROTECTED] wrote: On Monday 07 April 2008 14:00, you wrote: We'll provide you with a secure system, but.. hell, once you get it.. it won't be secure anymore, wait another 6 months, it'll be secure again. briefly. The developers provide a secure system that can be downloaded completely free of charge. If you want the system to remain updated with regards to patches, then you have to do the patching yourself. Note that the patches are also provided freely. What more do you want? Is it reasonable to expect any more? You're already getting quite a bit... The packages/ports might lag a bit from the base system. If you are that concerned about it, either lend a hand maintaining the packages important to you, or consider that perhaps OpenBSD is not the OS for you. You are not OpenBSD's target audience. The developers produce it for themselves. That you happen to be able to derive value from it should be considered as the generous gift it is, and treated as such. If you do not get enough value from it to make it worth using for you, then go find something else. There are plenty of other operating systems out there. Well put, Daniel. I wholeheartedly concur.
Re: Firefox 2.0.0.12
On Mon, Apr 07, 2008 at 10:22:07AM -0700, Unix Fan wrote: OpenBSD developers are intentionally putting their users at risk by not providing security updates bullshit. -current ports gets security updates all the time. and yes, I am saying to use -current if you need ports and can't/don't want to keep patching -release ports yourself. besides, even if there were -stable ports, fixes go in -current first anyway. -- [EMAIL PROTECTED] SDF Public Access UNIX System - http://sdf.lonestar.org
Re: Firefox 2.0.0.12
On Mon, Apr 07, 2008 at 12:00:44PM -0700, Unix Fan wrote: Stuart Henderson wrote: .. You do realise that with your abrasive posts, you're pissing off the very people you're suggesting do the work, right? Yes, I realise that, and I'm not trying to offend...intentionally.. *sigh*... I'll stop posting, the developers have already made it clear to us end-users... We'll provide you with a secure system, but.. hell, once you get it.. it won't be secure anymore, wait another 6 months, it'll be secure again. briefly. Frustration leads to insults and panic, Thus, here I am, expressing my humanity, I'm not a machine.. I find it quite depressing that in the same email as expressing regret for offense, you do it again. You, sir, are far more often unhelpful than the converse. I suggest you look into that. -0- -- Abstainer, n.: A weak person who yields to the temptation of denying himself a pleasure. -- Ambrose Bierce, The Devil's Dictionary
Re: Firefox 2.0.0.12
Unix Fan ha scritto: Stuart Henderson wrote: .. You do realise that with your abrasive posts, you're pissing off the very people you're suggesting do the work, right? Yes, I realise that, and I'm not trying to offend...intentionally.. *sigh*... I'll stop posting, the developers have already made it clear to us end-users... We'll provide you with a secure system, but.. hell, once you get it.. it won't be secure anymore, wait another 6 months, it'll be secure again. briefly. Are you serious? Tell me, you read in some openbsd.org page, that openbsd it's a desktop os or projected to be a next dragonfly or pc bsd ?It's some ubuntu shit or opensuse ? It's made to be secure, it's prone to be installed on a server not just a fuckin desktop o.s. I follow -current and i'm happy because this O.S. give me what i'm looking for... What you say it's just stupid and polemic. OpenBSD staff it's little, dont have much time to do patch or to follows ports or all the packages for all releases, think about it.In every release you can be sure that your machine can be a good and powerful server. Dont blame other people, blame yourself. You cant follow -current or you cant patch for yourself firefox or other things? You just wait others to do what you can do ? So, change O.S. OpenBSD is not for you. Use mandrivia or ubuntu and dont piss off the programmers. My .02 cent Francesco. PS= Some times it's better to send an email just to thanks and not to blame. Shame on you.