On Wed, 27 Sep 2017 14:49:19 +0200
> Hi there! > > Last night I enjoyed reading through the different presentation > slides from EuroBSDcon 2017. > > Relating to Theo's presentation on 'Pledge and > Privsep' (https://www.openbsd.org/papers/eurobsdcon2017-pledge.pdf) > he states that firefox cannot be pledged while "chrome was strongly > pledged in <1 week". > > I assume that this actually is 'chromium', right? Disregarding any > addons, is it valid to say that for OpenBSD users chromium is "safer" > than FF as the latter is not pledgeable? I believe mtier provides updates for firefox ESR and not chromium. Chromium has pledges patched in because it was structured for sandboxing. Firefox has W^X compliance and so runs with the secure defaults. The latest Firefox (Not ESR as mtier provides) has recently had sandboxing for Windows and Linux added and legacy extensions will be phased out. It is therefore likely possible to add pledge patches without depending on upstream and so Firefox could become the clear winner. Otherwise you have to decide for yourself. I'm not sure any browsers code quality is Good or which is better, which would be an important factor. Neither are particularly good at privacy but Firefox does allow clearing data on exit and has better extensions.
