Moving w3m out of standard

Soren Hansen soren at
Mon Jun 23 13:57:28 UTC 2008

On Mon, Jun 23, 2008 at 08:43:28AM -0500, James Dinkel wrote:
>> Do you think we should remove groff (and with it, man-db), too? I'm
>> not trying to be difficult.. This is an actual question.
> No, but I use man all the time.  Granted, that may be pandering to
> myself, but man just seems infinitely more useful than a web browser.
> This could be that 1) I have never ever used a web browser, or been in
> a position where it would seem useful, on a server and 

Think it helps immensely if you stop calling it a web browser, and start
calling it an html viewer (which happens to work as a web browser as
well, but that's beside the point).

> 2) the whole idea that "it's a browser", therefore "it's a huge
> security hole."

Sorry, I'm having trouble detecting sarcasm over e-mail. Is this a joke
or a serious comment?

> And you may say it's just for looking at local html files, but it
> opens up the thinking that "if they put a web browser on a server,
> then it must be ok to browse the web from a server."

If people want to use it for that, I'm not going to stop them. I might
point fingers and call them silly, but that's their right.

> I've seen plenty of Windows admins casually browsing the web from a
> server console while waiting on some task to finish in the server
> room.

The difference is that they're using a full featured web browser. w3m
doesn't even do javascript. It's not any more or less of a security hole
than as wget + groff combo would be. (Of course each program might have
its own set of security problems, but the concept of each has no more or
less security implications than the other)

Soren Hansen               | 
Virtualisation specialist  | Ubuntu Server Team
Canonical Ltd.             |
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: <>

More information about the ubuntu-server mailing list