Slashdot Mirror

← Back to Stories (view on slashdot.org)

Firefox 57 Brings Better Sandboxing on Linux (bleepingcomputer.com)

Posted by msmash on from the what-to-know dept.

Catalin Cimpanu, writing for BleepingComputer: Firefox 57, set to be released tomorrow, will ship with improvements to the browser's sandbox security feature for Linux users. The Firefox sandboxing feature isolates the browser from the operating system in a way to prevent web attacks from using a vulnerability in the browser engine and its legitimate functions to attack the underlying operating system, place malware on the filesystem, or steal local files. Chrome has always run inside a sandbox. Initially, Firefox ran only a few plugins inside a sandbox -- such as Flash, DRM, and other multimedia encoding plugins.

7 of 124 comments (clear)

  1. Firefoxalypse by freeze128 · · Score: 5, Insightful

    I dread updating to Firefox 57, because it will break all of my plugins.

    1. Re:Firefoxalypse by Anonymous Coward · · Score: 4, Insightful

      I've heard this so many times it seems like Chrome/Edge propaganda now. Why so negative on the visuals of the browser? WHO GIVES A FLIPPITY DO DAH what the browser looks like? Is that REALLY the criteria you judge software on? The shape of the buttons and tabs?

      Fine, quit Firefox, but they are adding more and more support for privacy while all the other browsers are removing it or don't give to diddly flips about it. Hand over your data to GOOGLE using a chrome WHICH LOOKS LIKE AUSTRALIS ANYWAYS!

      *Caps for emphasis on the total idiocy of these kinds of remarks.

      Repeat after me, ditching software A because it's ugly for software B that is also ugly is stupid logic.

    2. Re: Firefoxalypse by KiloByte · · Score: 4, Informative

      Out of 37 extensions I use, there are WebExt equivalents for, *drumroll* 11. That much only because I spent some time looking for replacements.

      APIs that would be required to reimplement those extensions aren't even coded yet, and any code that gets merged (which usually takes months) needs additional 18 weeks to percolate into an unstable ("non-ESR") release. With Firefox 52 EOL in June, the chances enough of extensions required for sane use will be ready by then are about nil. And the default, with nothing for privacy but tons of junk like Pocket or Telemetry, is almost as far from sanity as Chromium.

      I guess it's time to look into packaging Waterfox or another fork.

      --
      The creatures outside looked from Alt-Right to Antifa; but already it was impossible to say which was which.
    3. Re: Firefoxalypse by Anonymous Coward · · Score: 5, Insightful

      That's great, except for the part where some plugins CANNOT be implemented under the new API.

      And the part where a whole ecosystem of perfectly good extensions created by volunteers for free is being discarded without a viable replacement for many of them.

  2. Download Link... by unique_parrot · · Score: 4, Informative

    http://ftp.mozilla.org/pub/fir...

  3. A question for Mozilla by hyades1 · · Score: 5, Funny

    Is it called "Firefox 57" because that's how many users are left?

    --
    I've calculated my velocity with such exquisite precision that I have no idea where I am.
  4. Re:How about giving users a choice? by theweatherelectric · · Score: 4, Informative

    including some used for security

    Like what? uBlock Origin works in Firefox 57, so does Adblock Plus, so does Ghostery, so does Privacy Badger, so does HTTPS Everywhere, etc. The only one missing from AMO at the moment is NoScript but that will be released soon.