💾 Archived View for thrig.me › software › w3m.gmi captured on 2023-11-04 at 12:20:43. Gemini links have been rewritten to link to archived content
⬅️ Previous capture (2023-04-19)
-=-=-=-=-=-=-
w3m is a text-based web browser, a welcome change from the resource hungry and user hostile "heavyweight champion" browsers such as Chromium or Firefox. (Chrome is not available on OpenBSD.) w3m has various problems, such as not yet supporting puny code links, no official support for gemini, and not a very good security model.
I mostly use w3m to browse the web; firing up Firefox prompts the question "do I really need to listen to the CPU fan scream?" which most often boils down to "no". If a site is broken and mandates JavaScript, eh, it's probably not worth my time. There's too much to read in text-only form.
git clone https://github.com/tats/w3m
git branch mycrazymods
And then when upstream updates:
git checkout master
git pull
git checkout mycrazymods
git rebase master
And fix any conflicts, good luck!
<Cadey> Hello! Thank you for visiting my website. You seem to be using an ad-blocker.
Nope, my w3m has no ad-blocker whatsoever.
Good enough to be usable though could use better TOFU support so one need not "always accept" all those self-signed certificates. Mostly I use amfora instead for gemini, which is a bit awkward to have to switch between amfora or w3m.
https://rkta.de/w3m-gemini.html
ftp https://rkta.de/assets/gemini.patch
less gemini.patch
patch < gemini.patch
rm *.orig
The security of w3m is not good; external commands route through system(3) which will allow an attacker to run most anything they please, and w3m can read from the entire filesystem, ~/.ssh for example. For this reason w3m should be run in a chroot or container to limit access to the resources of the host operating system, or if anything as a distinct user from your main account (who does not have permission to read your ~/.ssh files), but a chroot or container would be better. Or even a qemu virt that can be reset back to a known state.
On OpenBSD I have patched w3m to use pledge(2) and unveil(2); only several programs can be called out to and only via execl(3); `vi -S` (form edits) and two other commands that put strings into the X11 or tmux paste buffers. Also with unveil w3m has very limited access to the filesystem, only enough to start itself and read access to a few other areas, /usr/local/share/doc/clisp-hyperspec for example.