Palemoon in debian

If none of the more specific forums is the right place to ask

Re: Palemoon in debian

Postby Head_on_a_Stick » 2018-09-30 10:32

debiman wrote:can a browser like links or w3m be vulnerable, i.e. used as an attack vector on the system? how and to what extent?

https://www.cvedetails.com/vulnerabilit ... links.html
dbruce wrote:Ubuntu forums try to be like a coffee shop in Seattle. Debian forums strive for the charm and ambience of a skinhead bar in Bacau. We intend to keep it that way.
User avatar
Head_on_a_Stick
 
Posts: 8322
Joined: 2014-06-01 17:46
Location: /dev/chair

Re: Palemoon in debian

Postby pcalvert » 2018-09-30 18:34

If you're going to use a web browser (installed from a Debian repository) other than Chromium or Firefox, it would probably be a good idea to sandbox it using Firejail.

Phil
“Property is the fruit of labor; property is desirable; it is a positive good
in the world. That some should be rich shows that others may become
rich, and hence is just encouragement to industry and enterprise.”
— Abraham Lincoln
pcalvert
 
Posts: 1808
Joined: 2006-04-21 11:19
Location: Sol Sector

Re: Palemoon in debian

Postby bw123 » 2018-09-30 19:16

Head_on_a_Stick wrote:
debiman wrote:can a browser like links or w3m be vulnerable, i.e. used as an attack vector on the system? how and to what extent?

https://www.cvedetails.com/vulnerabilit ... links.html

links ver is at 2.14 in stretch, elinks is at 0.12~pre6-12 so none of those seem active?

Is palemoon vulnerable to mozilla's cve?
https://www.cvedetails.com/vulnerabilit ... zilla.html
User avatar
bw123
 
Posts: 3580
Joined: 2011-05-09 06:02
Location: TN_USA

Re: Palemoon in debian

Postby bentHnau » 2018-09-30 19:29

sayansg wrote:Is there any way to install palemoon in debian?

I'm a big fan of palemoon. It's a great deal faster and less resource intensive than firefox, especially on older hardware. Is there any reason why it isn't in debian repo? Is there any security concerns? I found a workaround, a repo in opensuse by steve. What about add-ons? Are they safe to install?

I'm asking this because I see several mediocre web browsers(like netsurf) in debian repo but no palemoon.

As an alternative to installation, I have simply run it from the download folder, but I'd rather not use something that isn't in the Debian main repos. I don't consider any Firefox-type addons to be safe. FYI, if you are a NoScript fan, it has been marked unsafe (or something, I can't remember the exact wording) in Palemoon and users can no longer receive support for it.
Debian Stretch x64 on a Dell XPS 17 laptop
bentHnau
 
Posts: 123
Joined: 2014-01-07 01:43
Location: California

Re: Palemoon in debian

Postby debiman » 2018-10-01 06:11

Head_on_a_Stick wrote:
debiman wrote:can a browser like links or w3m be vulnerable, i.e. used as an attack vector on the system? how and to what extent?

https://www.cvedetails.com/vulnerabilit ... links.html

interesting.
does it say when or if those are fixed? i could not find this information.
also, it says "Gained Access Level: None" except for one, that says a local user can gain user access - so not from the internet afaics.
and: 7 vulnerabilites in 15 years - i bet it looks very different for something like firefox:
https://www.cvedetails.com/vulnerabilit ... refox.html
hint: look for descriptions like "script to execute". the word "script" isn't found anywhere on the elinks page.
this was my initial argument.
User avatar
debiman
 
Posts: 3064
Joined: 2013-03-12 07:18

Re: Palemoon in debian

Postby Head_on_a_Stick » 2018-10-01 07:47

^ Not sure, tbh, I just posted the link in the hope you would do some digging :mrgreen:
dbruce wrote:Ubuntu forums try to be like a coffee shop in Seattle. Debian forums strive for the charm and ambience of a skinhead bar in Bacau. We intend to keep it that way.
User avatar
Head_on_a_Stick
 
Posts: 8322
Joined: 2014-06-01 17:46
Location: /dev/chair

Re: Palemoon in debian

Postby bentHnau » 2018-10-01 15:59

debiman wrote:and: 7 vulnerabilites in 15 years - i bet it looks very different for something like firefox:
https://www.cvedetails.com/vulnerabilit ... refox.html

The fewer vulnerabilities found is also related to the smaller number of people using/testing/targeting those text-based/javascript-less browsers (in addition to the number of actual security issues each one has).
Debian Stretch x64 on a Dell XPS 17 laptop
bentHnau
 
Posts: 123
Joined: 2014-01-07 01:43
Location: California

Re: Palemoon in debian

Postby debiman » 2018-10-01 16:20

how can my computer be open to attack through the browser without client-side scripting?
i don't think it can, but please tell me how if i'm wrong.

i understand that there's other forms of vulnerabilities - vulnerabilities to the data transmitted.
but vulnerabilites to the operating- and filesystem running the browser?
without the option to execute scripts transmitted from the originating site?
User avatar
debiman
 
Posts: 3064
Joined: 2013-03-12 07:18

Re: Palemoon in debian

Postby MagicPoulp » 2018-11-06 09:12

Why do you want to use Palemoon?

Is there anything you can do in Pale Moon that you cannot with Firefox?

If it is about speed, Frefox Quantum has made Firefox much faster than before.
MagicPoulp
 
Posts: 49
Joined: 2018-11-05 21:30

Re: Palemoon in debian

Postby anticapitalista » 2018-11-08 09:41

MagicPoulp wrote:Why do you want to use Palemoon?

Is there anything you can do in Pale Moon that you cannot with Firefox?

If it is about speed, Frefox Quantum has made Firefox much faster than before.


Maybe it is down to RAM usage.

Code: Select all
pmem
 Private  +   Shared  =  RAM used   Program

338.5 MiB +   4.6 MiB = 343.1 MiB   palemoon
486.5 MiB +  89.6 MiB = 576.2 MiB   firefox-esr (5)

antiX "Heather Heyer" - lean and mean.
http://antix.mepis.org
anticapitalista
 
Posts: 332
Joined: 2007-12-14 23:16

Re: Palemoon in debian

Postby NorthEast » 2018-11-22 07:14

Is there anything you can do in Pale Moon that you cannot with Firefox?

firefox won't add on an ad blocker, but palemoon is fine with one. This is on debian testing.
NorthEast
 
Posts: 10
Joined: 2018-11-18 04:35

Re: Palemoon in debian

Postby stevepusser » 2018-11-23 02:01

NorthEast wrote:
Is there anything you can do in Pale Moon that you cannot with Firefox?

firefox won't add on an ad blocker, but palemoon is fine with one. This is on debian testing.


What? uBlock Origin works fine with FF 63.0.3 for me.
The MX Linux repositories: Backports galore! If we don't have something, just ask and we'll try--we like challenges. New packages: Flightgear 2018.2.2, 4.19.5 kernel, wine-staging 4.0~rc1, Pale Moon 28.2.2, Mesa 18.2.6, Midori 7.0
User avatar
stevepusser
 
Posts: 10278
Joined: 2009-10-06 05:53

Re: Palemoon in debian

Postby None1975 » 2018-11-23 13:41

NorthEast wrote:firefox won't add on an ad blocker, but palemoon is fine with one.

You can use NoScript.
User avatar
None1975
 
Posts: 702
Joined: 2015-11-29 18:23
Location: Lithuania, Vilnius

Re: Palemoon in debian

Postby Bulkley » 2018-11-23 15:45

MagicPoulp wrote:Why do you want to use Palemoon?


Of all the browsers that I have tried, Palemoon is the most easily configured to the way I want it. Firefox and Chrome are impossibly rigid in some of their aspects. For example, try placing the address bar and menu components on top, bookmarks on the second line and tabs on the third; easily done on Palemoon, impossible on Firefox or Chrome.
Bulkley
 
Posts: 5667
Joined: 2006-02-11 18:35

Re: Palemoon in debian

Postby NorthEast » 2018-11-24 02:22

stevepusser wrote:
NorthEast wrote:
Is there anything you can do in Pale Moon that you cannot with Firefox?

firefox won't add on an ad blocker, but palemoon is fine with one. This is on debian testing.


What? uBlock Origin works fine with FF 63.0.3 for me.


Hello stevepusser,

Your "What?" suggested that the non-adding on of an adblocker is hardly believable. I guess your experience would support that. Alas, I have not been able to add any adblocker to firefox after following my nose through the steps: GetAddons>FindMoreAddons>AdBlockers>{click on any adblocker}. Then I choose one, and hit "Add to Firefox", but nothing happens and no adding-on is made. That's it. In the distant past I have been able to add an adblocker xpi file to firefox by downloading that file separately, and clicking on an option in firefox to do the adding-on of that xpi file, which worked then, but I can't see how to do that from the gui interface now. Current version: 60.3.0esr-1. I am certainly open to suggestions, but meanwhile Palemoon has been good for me.
NorthEast
 
Posts: 10
Joined: 2018-11-18 04:35

PreviousNext

Return to General Questions

Who is online

Users browsing this forum: No registered users and 2 guests

fashionable