Firefox 57 Brings Better Sandboxing on Linux

Catalin Cimpanu, writing for BleepingComputer: Firefox 57, set to be released tomorrow, will ship with improvements to the browser's sandbox security feature for Linux users. The Firefox sandboxing feature isolates the browser from the operating system in a way to prevent web attacks from using a vulnerability in the browser engine and its legitimate functions to attack the underlying operating system, place malware on the filesystem, or steal local files. Chrome has always run inside a sandbox. Initially, Firefox ran only a few plugins inside a sandbox -- such as Flash, DRM, and other multimedia encoding plugins.

Firefoxalypse

[freeze128]

I dread updating to Firefox 57, because it will break all of my plugins.

Re: Firefoxalypse

The Firefox develops gave plenty of notice of this change, allowing add-on developers lots of time to upgrade and ensure their add-ons still work. This increases the speed of the browser dramatically. Don't blame the Firefox developers who are creating a better product. Blame the lazy add-on developers who haven't upgraded their add-ons. Alternatively, use an ESR release. Regardless, stop whining.

Re: Firefoxalypse

But Mozilla has removed APIs so many of the plugins are impossible to implement again.

Re: Firefoxalypse

The Firefox develops gave plenty of notice of this change, allowing add-on developers lots of time to upgrade and ensure their add-ons still work. ...

The amount of advance notice is irrelevant. The fact that the switch to Web Extensions is being driven by the calendar rather than the readiness of the software is the problem.

The new add-on interface still lacks functionality. There are many things that a Web Extension simply can't do, but that can be done by traditional Firefox add-ons. To add insult to injury, the Mozilla team isn't treating these gaps as a high priority. Their attitude seems to be "tell us what you're missing and maybe we'll add it later."

Alternatively, use an ESR release.

That would be a more useful suggestion if Firefox 56 was the ESR. But it's not -- they're using an older version. I may be willing to stand still, but I'm not interested in going backwards.

Re:Firefoxalypse

I've heard this so many times it seems like Chrome/Edge propaganda now. Why so negative on the visuals of the browser? WHO GIVES A FLIPPITY DO DAH what the browser looks like? Is that REALLY the criteria you judge software on? The shape of the buttons and tabs?

Fine, quit Firefox, but they are adding more and more support for privacy while all the other browsers are removing it or don't give to diddly flips about it. Hand over your data to GOOGLE using a chrome WHICH LOOKS LIKE AUSTRALIS ANYWAYS!

*Caps for emphasis on the total idiocy of these kinds of remarks.

Repeat after me, ditching software A because it's ugly for software B that is also ugly is stupid logic.

Re: Firefoxalypse

Except that Waterfox is not its own browser, it's wholly reliant on whatever the Firefox developers do. Once they stop overworking themselves by maintaining Firefox's legacy while updating it, and just pull out those bits, Waterfox will be fucked. Daydreaming about how easy it is to maintain XUL is just not going to get it done. There is no covert army of coders just waiting to take up the torch; if such a team existed they would have fixed the problems before things got to this point.

The whole "lazy" angle is just plain insulting, too. Do you honestly not realize that Firefox could have dropped this legacy stuff before they spend the last year overworking themselves to bring the engine up to speed? It would have made things easier, but they wanted to give us more time to find out how to port our legacy addons. The only people still bitching about it now are the people who never put in any effort to do so, and just feel entitled to having someone else make their niche APIs for them.

Re: Firefoxalypse

It's not that they removed them, but they simply haven't (or won't) implement them. The reason, as far as I can tell, is that they refuse to admit that there are better (or simply different) ways to design the interface.

Re: Firefoxalypse

That's great, except for the part where some plugins CANNOT be implemented under the new API.

And the part where a whole ecosystem of perfectly good extensions created by volunteers for free is being discarded without a viable replacement for many of them.

Re: Firefoxalypse

[doom]

Blame the lazy add-on developers who haven't upgraded their add-ons.

Let me enlighten you about a secret of software projects: if you want to be taken seriously as a platform for third-party developers, breakage-on-upgrade is never acceptable. And accusing them of being lazy is an excellent way of driving them away.

Alternatively, use an ESR release.

Which staves off the problem only temporarily. I would suggest the waterfox fork, or possibly palemoon.

Regardless, stop whining.

You first.

How about giving users a choice?

Remember that Firefox 57 also only supports WebExtensions add-ons, which will break lots of add-ons including some used for security. How about giving users a choice whether they want faster speeds or to retain the functionality of XUL add-ons. This is what Apple calls courage. I call it asinine. Let users upgrade and get the additional security, but let them decide if they want speed or legacy add-ons.