rolling Firefox back to 2.x

Steve Lamb grey at dmiyu.org
Tue Sep 2 05:34:34 UTC 2008 

Nik N wrote:
> To make something (awesomebar, for instance) behave the way you
> prefer, by hook and by crook, is one thing. Security is differnet: you
> can not ascertain that something is secure a priory, you have no
> option but to depend on the competence of the product planner, the
> designer and the programmer.

> Injecting sqlite into the security chain of the browser demonstrates
> incompetence.

    Your belief this is the case demonstrates yours.  Let me put a
non-to-blunt end to this.  You're getting your knickers in a twist because
Firefox is using a specific external library to get things done.  Meanwhile
you have no problems with the following external libraries in FF2.0 which you
feel is more secure because it doesn't depend on the one library you have it
in for.

dep: debianutils (>= 1.16)
    Miscellaneous utilities specific to Debian
dep: fontconfig
    generic font configuration library - support binaries
dep: libatk1.0-0 (>= 1.13.1)
    The ATK accessibility toolkit
dep: libc6 (>= 2.5-0ubuntu1)
    GNU C Library: Shared libraries
    also a virtual package provided by libc6-udeb
dep: libcairo2 (>= 1.4.2)
    The Cairo 2D vector graphics library
dep: libfontconfig1 (>= 2.4.0)
    generic font configuration library - runtime
dep: libfreetype6 (>= 2.2)
    FreeType 2 font engine, shared library files
dep: libgcc1 (>= 1:4.1.2) [not amd64]
    GCC support library
dep: libglib2.0-0 (>= 2.12.9)
    The GLib library of C routines
dep: libgtk2.0-0 (>= 2.10.3)
    The GTK+ graphical user interface library
dep: libhunspell-1.1-0
    spell checker and morphological analyzer (shared library)
dep: libjpeg62
    The Independent JPEG Group's JPEG runtime library
dep: libnspr4 (>= 2:1.firefox1.5.dfsg+1.5.0.5-0ubuntu6.06.1)
    Netscape Portable Runtime Library
dep: libnss3 (>= 2:1.firefox1.5.dfsg+1.5.0.5-0ubuntu6.06.1)
    Network Security Service Libraries - runtime
dep: libpango1.0-0 (>= 1.16.2)
    Layout and rendering of internationalized text
dep: libstdc++6 (>= 4.1.2)
    The GNU Standard C++ Library v3
dep: libx11-6
    X11 client-side library
dep: libxft2 (>> 2.1.1)
    FreeType-based font drawing library for X
dep: libxinerama1
    X11 Xinerama extension library
dep: libxrender1
    X Rendering Extension client library
dep: libxt6
    X11 toolkit intrinsics library
dep: psmisc
    Utilities that use the proc filesystem
dep: zlib1g (>= 1:1.2.1)
    compression library - runtime
    also a virtual package provided by zlib1g-udeb

    24 libraries that are not in the control of the programmers and developers
at Mozilla is A-OK! with you.  25 is BAAAAAAAAD.  See the problem here?

More information about the ubuntu-users mailing list