non-snap version of FF under Ubuntu 22.04?

Sat Apr 29 15:39:56 UTC 2023

Am Samstag, dem 29.04.2023 um 14:37 +0200 schrieb Oliver Grawert:
> hi,
> Am Freitag, dem 28.04.2023 um 18:21 +0200 schrieb Volker Wysk:
> > > indeed browsers *should* be safe by default and javascript should
> > > run
> > > sandboxed in mozjs in firefox, but i guess you have been a computer
> > > user for long enough to know that bugs exist everywhere all the
> > > time
> > > ... and some of them *are* security holes and go unnoticed for
> > > years.
> > > 
> > > adding extra security around this is simply preventing such bugs to
> > > be
> > > as serious as if there would be no policy, especially for something
> > > like a browser that has to deal with really badly protected or
> > > badly
> > > programmed (or even intentionally bad behaving) websites all day.
> > 
> > That makes sense. But the Snap sandboxing of Firefox is so tight that
> > it seriously affects usability. 
> 
> i guess the majority of users (like i.e. my mom or my sister) would
> actually disagree, it browses the web with no issues.
> 
> the thing is that people like you (or me :) ) use it as a local html
> viewer too, where such limitaions get in the way. if you use it for its
> original intended purpose (browsing the web) there is nothing in the
> snap confinement getting in your way ... 

So viewing local HTML pages isn't an originally intended purpose? My dad,
for example, likes to save HTML pages to disk. It's under the home
directory, so this works, but wanting to save them somewhere else (such as
under /usr/local) isn't that far-fetched.

> i agree it might be a pain for advanced users or developers but for the
> great majority of the non-technical average user it simply functions as
> intended ... 
> 
> for us others, there are ways around it (like bind mounting dirs into
> your home, using --devmode to drop confinement or simply making sure
> all your html docs end up in a pre-defined writable location), 

I'd rather use --classic than --devmode.

> i know
> this is not ideal but after all it protects the masses and i can be
> sure i wont have to fix my moms PC due to a malicions website that
> utilized some hidden bug in the browser to do any harm to her install.

I like the protection from malicious websites, which you've described. So
I'll continue to use Brave when (and ONLY when) Firefox refuses to display a
file. 

But it would be better if the directory restrictions could be adapted to the
needs. I've googled for that, but couldn't find any way. It looks like the
snap would have to repackaged in order to accomplish this.

Cheers,
Volker
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: This is a digitally signed message part
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20230429/66387907/attachment.sig>