Palemoon in debian

If none of the more specific forums is the right place to ask

Palemoon in debian

Postby sayansg » 2018-09-26 09:46

Is there any way to install palemoon in debian?

I'm a big fan of palemoon. It's a great deal faster and less resource intensive than firefox, especially on older hardware. Is there any reason why it isn't in debian repo? Is there any security concerns? I found a workaround, a repo in opensuse by steve. What about add-ons? Are they safe to install?

I'm asking this because I see several mediocre web browsers(like netsurf) in debian repo but no palemoon.
sayansg
 
Posts: 21
Joined: 2018-09-13 17:05

Re: Palemoon in debian

Postby Dai_trying » 2018-09-26 10:20

I use Palemoon and find it quite good and add-ons can be used usually without issue but as with any software you install you should check it out first, I followed the palemoon website instructions to install it on my system and everything went smoothly.
Dai_trying
 
Posts: 548
Joined: 2016-01-07 12:25

Re: Palemoon in debian

Postby MALsPa » 2018-09-26 10:38

Same here, I've been using Pale Moon in Debian Stretch. My preferred approach: I simply downloaded the tarball, extracted it to /opt, and ran the chown command as shown in this thread: https://forum.palemoon.org/viewtopic.php?f=37&t=19828
MALsPa
 
Posts: 641
Joined: 2007-12-07 19:20
Location: albuquerque

Re: Palemoon in debian

Postby GarryRicketson » 2018-09-26 10:48

Obviously, you know there is ways to install it:
I found a workaround, a repo in opensuse by steve.


sayansg » Is there any reason why it isn't in debian repo?

A little more search foo: Keywords:
Code: Select all
Why is Palemoon not in the Debian repositories

https://lists.debian.org/debian-project/2015/03/msg00016.html

sayansg »Is there any security concerns?

Key Words:
Code: Select all
Is there any security concerns for Palemoon 

https://www.cvedetails.com/vulnerability-list/vendor_id-12592/Palemoon.html
But you really should read some of the other results, using those keywords, there seem to be some, depending on your system, that you did not bother to give any details for.

by sayansg » What about add-ons? Are they safe to install?

Code: Select all
What about addons and plugins on Palemoon , are they safe  ?

Honestly, why don't you just read the Palemoon FAQ, and since you have so many questions about Palemoon, sign up to their forum and asks these questions there ?
https://www.palemoon.org/faq.shtml
====================
https://forum.palemoon.org/index.php

I'm asking this because---- snip---

The browsers you call "mediocre", in YOUR opinion only, are good browsers, and those are what Debian has in their repositories, because those are ones that are acceptable for Debian, and their packaging policy.
You are asking this, because you just did not want to do your own searches, I guess, or maybe there are other motives, ? Like telling us the other browsers are "mediocre", ? And you think Debian should include Palemoon in the repositories ?
User avatar
GarryRicketson
 
Posts: 5131
Joined: 2015-01-20 22:16
Location: Durango, Mexico

Re: Palemoon in debian

Postby sayansg » 2018-09-26 10:53

My Dear Garry,

I did not have any ulterior motive for asking the questions that I asked. They were honest questions, but admittedly ones asked without doing any searches in the forum first.
sayansg
 
Posts: 21
Joined: 2018-09-13 17:05

Re: Palemoon in debian

Postby GarryRicketson » 2018-09-26 11:00

No problem, Oh, and on the security issues, I noticed something mentioned, but seems to be if it is a non-systemd system, I did not look at the details.
User avatar
GarryRicketson
 
Posts: 5131
Joined: 2015-01-20 22:16
Location: Durango, Mexico

Re: Palemoon in debian

Postby bw123 » 2018-09-26 11:11

sayansg wrote:Is there any way to install palemoon in debian?

I'm a big fan of palemoon. It's a great deal faster and less resource intensive than firefox, especially on older hardware. Is there any reason why it isn't in debian repo? Is there any security concerns? I found a workaround, a repo in opensuse by steve. What about add-ons? Are they safe to install?

I'm asking this because I see several mediocre web browsers(like netsurf) in debian repo but no palemoon.


The browsers in the main repo are free, including source code, and their licenses all allow you to alter and redistribute them. Debian has made a promise to remain 100% free https://www.debian.org/social_contract even though the distribution can work with software that is non-free.
https://www.palemoon.org/redist.shtml

Debian has a security team for the repo. I don't know how palemoon handles it. That is a good question though, and something to consider when installing binaries from outside of Debian repositories.
https://wiki.debian.org/Teams/Security
User avatar
bw123
 
Posts: 3408
Joined: 2011-05-09 06:02
Location: TN_USA

Re: Palemoon in debian

Postby stevepusser » 2018-09-26 18:44

Pale Moon has some restrictions on the trademarked name that building it from source against system versions of libraries like libnspr4 and libnss3 per Debian policy would violate. My repo has Pale Moon build and use its internal versions of those libraries instead, so I can use the official branding.

However, Debian would be allowed to build it the Debian way if they used a different package name and graphics, such as the suggested "New Moon", and alternate unofficial graphics are already included in the source. I did it as an experiment once, and it wasn't that difficult to switch it over to that name. Debian would then be free to change the build configuration and patch it as much as they want. I believe that the official version only supports i386 and amd64 builds, and Debian would need to patch the source to get it to build on the other architectures that Debian would want to provide packages for. So that situation is much the same as with Mozilla and Firefox builds.

Pale Moon will also crash if you're using your distro's version of the oxygen-gtk GTK 2 theme, since that theme doesn't know anything about Pale Moon. I have a patched version in my OBS that adds it and "newmoon" to the list of Mozilla-type apps for which it does a crash-preventative workaround--Debian would have to do the same if they added New Moon.

As for addons, I'm pretty sure the ones approved by Pale Moon are going to be OK. You should be able to install older XUL-based ones like Flashgot from the vetted Mozilla Web store, too--at least it works fine for most sites on my install.
The MX Linux repositories: Backports galore! If we don't have something, just ask and we'll try--we like challenges. New packages: Kdenlive 18.08.1, Pale Moon 28.1.0, wine-staging 3.17, qBittorrent 4.1.3, Liquorix kernel 4.18-13, Audacity 2.3.0
User avatar
stevepusser
 
Posts: 10008
Joined: 2009-10-06 05:53

Re: Palemoon in debian

Postby debiman » 2018-09-28 05:57

sayansg wrote:I found a workaround, a repo in opensuse by steve.

this seems to be causing some confusion.
steve pusser's debian repos are debian repos, even if they are hosted on an opensuse site.
User avatar
debiman
 
Posts: 2923
Joined: 2013-03-12 07:18

Re: Palemoon in debian

Postby stevepusser » 2018-09-28 18:03

Yes, I also have the OBS build Ubuntu packages from one source code upload: https://build.opensuse.org/package/show ... r/palemoon

If I knew how, I could also have it build Arch, SUSE, Fedora, and many other distro packages, like the SMPlayer developer does: https://build.opensuse.org/package/show ... v/smplayer
The MX Linux repositories: Backports galore! If we don't have something, just ask and we'll try--we like challenges. New packages: Kdenlive 18.08.1, Pale Moon 28.1.0, wine-staging 3.17, qBittorrent 4.1.3, Liquorix kernel 4.18-13, Audacity 2.3.0
User avatar
stevepusser
 
Posts: 10008
Joined: 2009-10-06 05:53

Re: Palemoon in debian

Postby sayansg » 2018-09-29 09:39

Thanks a lot steve.

I installed palemoon 28.1.0 32-bit from the opensuse site following your directions as mentioned in palemoon forum. Great software.

Only had one slight problem. The preference menu items were static. But as suggested by someone in mx linux from, I think, I changed animatefadein to true and the issue was resolved.

Thanks for making palemoon work on debian. It's fast as ever and has a good collection of add-ons.

Cheers.
sayansg
 
Posts: 21
Joined: 2018-09-13 17:05

Re: Palemoon in debian

Postby pcalvert » 2018-09-29 13:22

GarryRicketson wrote:The browsers you call "mediocre", in YOUR opinion only, are good browsers, and those are what Debian has in their repositories, because those are ones that are acceptable for Debian, and their packaging policy.

One thing to keep in mind about the more obscure web browsers, like NetSurf, is that they never receive any security updates. According to what I read, in Debian stable only Chromium and Firefox receive security updates. I like NetSurf because it opens very quickly, but because it doesn't receive security updates I only use it to perform a periodic quick check of a particular website that I trust.

Phil
“Property is the fruit of labor; property is desirable; it is a positive good
in the world. That some should be rich shows that others may become
rich, and hence is just encouragement to industry and enterprise.”
— Abraham Lincoln
pcalvert
 
Posts: 1799
Joined: 2006-04-21 11:19
Location: Sol Sector

Re: Palemoon in debian

Postby debiman » 2018-09-30 09:21

^ not sure, but i think most if not all security vulnerabilities are tied to javascript (or other forms of client-side scripting).
since these "small" browsers (*) do not support javascript (or other forms of client-side scripting) at all (with the exception of netsurf) one might consider them "unhackable", no?

(*) meaning dillo, w3m, links etc.
NOT falkon, surf, dwb, etc. otoh, if those are built around a constantly updated web engine, they are inherently as safe as that engine.
problem is, they often require special builds of those web engines, which are then not updated so often.
it's a mess.
User avatar
debiman
 
Posts: 2923
Joined: 2013-03-12 07:18

Re: Palemoon in debian

Postby Head_on_a_Stick » 2018-09-30 09:40

debiman wrote:^ not sure, but i think most if not all security vulnerabilities are tied to javascript (or other forms of client-side scripting).

No, the vulnerabilities are because of the outdated webkit libraries supplied with Debian stable:

https://www.debian.org/releases/stable/ ... r-security
User avatar
Head_on_a_Stick
 
Posts: 8009
Joined: 2014-06-01 17:46
Location: /dev/chair

Re: Palemoon in debian

Postby debiman » 2018-09-30 10:15

^ yes yes i have seen that many times.
it does not contradict what i asked.
i am really not sure myself about this, but what vulnerabilites can there be without client-side scripting?
in other words, can a browser like links or w3m be vulnerable, i.e. used as an attack vector on the system? how and to what extent?
User avatar
debiman
 
Posts: 2923
Joined: 2013-03-12 07:18

Next

Return to General Questions

Who is online

Users browsing this forum: archimboldo and 11 guests

fashionable