I got stuck at finding a web browser that wasn't severely out last time that I tried OpenBSD as a daily driver workstation. This was about two years ago, and it wasn't a definite thing that it could even run Firefox.
Does anybody here know if this issue has been fixed? Having a reliable, up to date, secure web browser (well, as secure as a web browser can be - up to date with the browser's own security updates) was the only thing that was holding me back from using it as a workstation. I had no problem back then using it as a server, but I couldn't justify running OpenBSD on my servers and Debian unstable on my desktop.
The latest obsd version (6.6, or the one just before, 6.5) makes package updates easier without running -current. So it probably depends on if that maintainer has kept them current during the release period. I haven't followed that closely to know how much that has been the case.
But see my comments elsewhere in this discussion page for why I value obsd's pledge/unveil browser mods and lack of privilege escalation more important than having the latest browser fixes (which I also value, but relatively less).
I see firefox in the list of available packages (which list is something like 8000 long, last I recall). Iridium is also available (like Chrome but seems usually a slightly older version, with enhanced privacy like not sending info to Google). Iridium + pledge/unveil have been appealing to me, though I keep Chromium on hand in case something doesnt work right.
Firefox may be there, but is it the ESR version and is that up to date? OpenBSD does not seem to update ports for the -release branch, so that doesn't really work for me as I want the latest security fixes from the browser vendor.
Same goes for Chromium. I don't mind missing features. What I do mind is being behind on security patches.
What's the point of using OpenBSD (which is security focused) as a workstation when I can just be pwned by the latest browser bug?
I'm not a firefox user (edit: currently anyway; more below on that), but the firefox version on openbsd 6.5 is 67.0.4, and firefox-esr 60.8.0 and 60.9.0, for what it's worth. I need to upgrade to obsd 6.6 sometime, and that probably has a later version (checking... I see on the obsd 6.6 packages lists both firefox 69.0.2 and firefox-esr 68.1.0 and 68.2.0. In the last release cycle, obsd has made package upgrades easier between the 6-monthly system releases, but I don't know if that would meet your needs exactly.
For me, the point is as described elsewhere on this discussion (search for "lcall"): obsd is really good at isolation of users, and limiting potential damage by processes within a user's space, which I think of (at least on obsd) much more reliable than what a browser would do alone. So, I do my browsing in a user account that doesn't have access to the most important other things. If I do something like banking, I do that in a separate user account that does only that or only things at that level of security, separately from general browsing. And I mostly have images/javascript turned off when I do general browsing.
In my comment history there is another about why I use Iridium (or chromium sometimes) instead of firefox, with a question where you might know more than I.
(At my site lukecall.net , in the page footer is my email address if you have questions later that I might be able to answer.)
edit: ps: the way I separate users does involve extra work though, but now that the work is done I like it.
Does anybody here know if this issue has been fixed? Having a reliable, up to date, secure web browser (well, as secure as a web browser can be - up to date with the browser's own security updates) was the only thing that was holding me back from using it as a workstation. I had no problem back then using it as a server, but I couldn't justify running OpenBSD on my servers and Debian unstable on my desktop.