On Mon, Apr 07, 2008 at 05:20:01PM +0000, Matthew Szudzik wrote: > On Mon, Apr 07, 2008 at 04:44:08PM +0000, Jacob Meuser wrote: > > or, quit using firefox. it's security record is rather lousy, wouldn't > > you agree? > > What alternatives to firefox do you suggest?
On my main desktop, I use debian. While its not OpenBSD, they do respond quickly to security problems and, on stable (Etch right now), they backport the fix to the version in stable, and provide a new binary update. While firefox is a large binary and takes a while to download on dialup, at least there is not compile time. I wish there was a way to use OpenBSD for the main base system but to use Debian binary packages (debs) for third-party apps. Looking into the details of this is on my todo list. IIUC, debian debs can't be in something that is chrooted but I don't understand the reasons or if it applies to all packages (e.g. firefox/iceweasel). However, on debian chroots work just fine if the right directories are mounted (e.g. proc). Debian has a package call schroot which allows ordinary users to run programs as themselves in the chroot and handles automatically bind-mounting necessary directories. Each user gets their own copy of the chroot. Doug.
