FireFox-ESR and 16.04

Default profile or default browser? I have 2 profiles and it got both of them ok. However, I got the Not-Default-Browser message so registered it.

How are you starting it? For 16.04 I changed the /usr/bin/firefox link to /opt/firefox/firefox (originally it points to some script).

I saw a lot of solutions including the home directory but that was the first one I soundly rejected.

EDIT: Per your edit, yep, that’ll run as root. The method I used works on every method of starting firefox I can find, including opening .url files.

So there is an unofficial PPA with FF-ESR 52 for 14.04 and 16.04:
https://launchpad.net/~jonathonf/+archive/ubuntu/firefox-esr

I can’t recommend it as I didn’t try it yet myself, but maybe someone else already tried it?

If you want to use Firefox ESR, use the Tor Browser Bundle and deactivate the tor-network.
Basicly just go to settings and deselect the proxy to “use system setting” instead
and go to “about:config” and set “socks*dns” to false

After that it’s a more secure Firefox ESR and if you use a VPN you basicly have a fast and anonym Tor Browser.
You can also run multiple Tor Browser instances simultaneous to Firefox

Another benefit:
I had a motherboard crash on my pc. So I needed to rescure my data from my SSD.
For the Tor Browser all i needed to do was copy the folder.
I can start the Browser under ALL Linux distros and have all my bookmarks and settings.
No need for setting it up again

/opt/firefox/firefox is what I used, but this is just the path to the extracted file. I can run it from there as a normal user and then it picks up my profile. So the problem was I was running as root before.

Btw. don’t run a browser as root - a successful attacker will have full system access that way without needing an additional privilege escalation exploit.

Hi @maximuscore, not running as root almost goes without saying. However, I’m reading this can be used for the built-in update engine just on those occasions. I’ve been wrestling with this concept, to say the least.

So… running as root only to update Firefox… anyone know of issues other than the short window of time? I imagine we’ll also have a /root/.mozilla directory that should be set secure as Firefox is NO WAY secure by default.

Yes, the updater of course will require running as root.
I’d lock down the root user’s FF profile as much as you can, though.

Agreed. But I stopped maintaining the constantly-changing huge list of settings in favor of someone else doing that with extensions like Privacy Settings where I compared lists and found I was behind.

In the meantime, we have some excellent ideas from @monsta and @boncha I want to take a good look at. Thanks!

I was just a test. I’m using the browser, but not as root.

I am considering installing a per-app-triggered filter, something that I found very efficient on macOSX in the past.
On OSX the name was “little snitch”, on Ubuntu I see there are a couple of wannabees, like the one called Douane. (“Douane” meaning “Customs” in french)

The idea is that each time an app asks for a new connection to somewhere a dialog appears and then one either allows everything, or just that address, forever, or just for now…
After some ten minutes setting things up it flies silently (in my former OSX experience), and still would trigger a warning if, say, the updater would phone an unexpected place.

Anyone with a Mate experience with Douane or the like here?
I am strongly interested in advice
Thank you!

Looks like there’s a problem with switching to ESR from FF 55 or newer: