Trusted UNIX Webrowsers?

Thats NOT true...Trusted Solaris and the other Trusted HP-UX or UNIX OSs dont even connect to thr Interent because they have very sensitive data on them. So they do not have browsers at all intstalled. No matter what people tell me.

Here is a list of what shipped with Trusted Solaris 7 package:
http://docs.sun.com/app/docs/doc/805-8051/6j7ioqdm4?a=view
You will find there:
#
Netscape Communicator 4.51 CD--Contains the Netscape(TM) browser. The AnswerBook2 online documentation requires a web browser for viewing.

Even not connected to Internet Trusted Solaris may access local resources i.e. corporate web server.

Also reading local documentation in answerbook requires browser

Is Mozilla also configured securily as to JavaScript Disabled?? I am sure. And I am also sure that coolies are cleaned out after each closing of the browser.

But if very sensitive data is on these servers, they should not be connected to the Internet at all.

You are right, such servers should never be connected to the Internet.
But the quiestion was about what browser, not about best practices of securing servers :-)
Netscape in older Solaris versiona and Mozilla in newer Solarises is NOT a secure browser itself.

I'm not shure about default Mozilla configuration in Trusted Solaris, probably it's the same as on normal system.

> Is Mozilla also configured securily as to JavaScript Disabled?? I am sure. And I am also sure that coolies are cleaned out after each closing of the browser.
This has nothing to do with security. This is MSIE paradigm, where scriptlets can do anything on system
> But if very sensitive data is on these servers, they should not be connected to the Internet at all.
This is not even close to what "Trusted" means...

So whats the most secure webrowser that Trusted Solaris use? Is it Firefox? Or Mozilla? Or the Netscape Communicator? I am sure its not secure by default though...

MOST secure browser is a 'cat' command. With 'sed' or 'awk' it can produce quiet readable text from html files :-)

There is no secure browser. But there may be secure platform. Trusted Solaris is secure platform, but not for Internet browsing.
But there may be some more or less  secure platform for the Internet surfing.
I consider platform as secure for surfing if it contains zero sensitive data, has no connections to other hosts (only to the Internet)  and contains no removable writable media.
This approach is used in Internet Cafes. Once a day (or even after each Internet session) platform is reinstalled from scratch. Also CD-based distribution like Knoppix may fit fine for secure browsing.
It may be any OS, any browser. Although it may be compromised (your password may be retrieved from some cache),
but who cares of that.. At least it's more secure than any other  approach (if you like to view graphics, have working JavaScript/Java apps/MMFlash clips, and have full support of other modern features).

> I consider platform as secure for surfing if it contains .. writable media.
you forgot to tell us that "media" in this case includes RAM also!

Consider a JavaScript worm which only resides in the browser process.
Or if any active scripting is disabled, a page which redirects to itself every second  may cause a DoS.
In a paranoid world there is no security :-/
Let's wait what the questioner defines as "secure".

If Trusted Solaris has Nwtscape in it, then why people consider using Firefox or Opera most of the time?

Because Netscape includes instand messenger.

Now lets take Knoppix for example...A bit of off-topic..

Suppose I have Windows, And I load Knoppix CD into the CD drive and it boots up, then everytime I have to set mu Internet connection up everytime I load the Knoppix CD??  If thats the case, than thats a hassle. But its more secure though...And If I dont want the KNOPPIX CD anymore running in the CD drive, how can I eject it or shut the PC down if I dont want to go back to Windows again?

> And If I dont want the KNOPPIX CD anymore running in the CD drive, how can I eject it or shut the PC down if I dont want to go back to Windows again?
use the Power button

There is no such thing as secure  webrowser. You need to use toools such as firewall to secure your box and turn off all the unwanted services, limited port
access from outside of the world.

Seems to be a lot of confusion in this thread. Trusted O/S's like SOLARIS or O/S's in trusted mode like HP-UX have nothing to do with Browsers.

Making statements like 'trusted servers never connect to the internet' is purely subjective. I would imagine that most of the 1000's of UNIX servers that make up the majority of the internet are trusted!!.

A browser is an access point to 'something', the protection of that something and the control over the 'conduit' from browser to something is a very wide subject and is always specific to a given case (firewalls being part of the conduit and things like secure protocols playing a part - not forgetting encryption and server side access controls).

The main security aspect of Browsing is to stop the 'something' that is being browsed from accessing the environment outside of the desired browser environment. In order to achive this many browsers come with different 'security' options, usually the ability to switch off a capability that the browser has - strange that.

In my experience I would say that Firefox has the best security option, currently.

And going back to slajoh01 initial question - are we talking UNIX workstations or PC clients that will be running the browser?.

Cheers
JJ

No comment has been added to this question in more than 21 days, so it is now classified as abandoned.
I will leave the following recommendation for this question in the Cleanup topic area:

split between nopius http:#16559860 , gheist http:#16563384 and ahoffmann http:#16568108

Any objections should be posted here in the next 4 days. After that time, the question will be closed.

gheist
EE Cleanup Volunteer