[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Progress on broken bundled extensions
From: |
Amin Bandali |
Subject: |
Re: Progress on broken bundled extensions |
Date: |
Thu, 21 Nov 2019 21:04:45 -0500 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/27.0.50 (gnu/linux) |
Mark H Weaver <address@hidden> writes:
> Hello fellow Gnuzillians,
>
> I've pushed several commits to the '68'
> branch on Savannah. They fix various issues,
> but most notably: The bundled extensions now
> work.
Thanks so much for your great work, Mark!
>
> Also, I removed the IceCat-specific
> customization that sets
> 'xpinstall.signatures.required' to false. In
> its place, at least for now, IceCat will need
> to be configured with the more fine-grained
> mozconfig option
> --with-unsigned-addon-scopes=app, which
> disables signature checking for extensions
> that are bundled with IceCat.
>
I think we should all have a discussion about
this feature. As it stands, I'm personally in
favour of keeping it disabled (not requiring
signatures when installing add-ons), for the
following reasons:
- Having this disabled was what saved IceCat
users earlier this year, when Mozilla failed
to renew their intermediate signing cert and
as a result, almost all add-ons of every
Firefox user was automatically disabled.
Many may have perceived this merely as an
inconvenience, but far more importantly,
add-ons like LibreJS, uBlock Origin (ad
blocker), uMatrix (advanced control interface
for fine control over what kinds of requests
and for what sources and targets are allowed
or disallowed to be made by the browser) all
getting disabled left their users exposed and
defenceless against proprietary JS and all
kinds of malware out there. Mozilla's quick
fix for this was using a backdoor called
Normandy to inject their new intermediate
signing certificate into users' browsers so
they could use their add-ons again.
- Mozilla's recent track record doesn't inspire
my confidence in them, and I personally would
prefer to not put all my eggs in one basket
when it comes to a single entity having the
say about what add-ons I can or cannot run.
I still think some sort of measure would be
nice to have and is probably even necessary,
but I *really* don't want to have no option
but to rebuild my entire browser in order to
install an add-on that Mozilla may think I
should not install.
I think GNU/Linux distributions have to some
extent figured this out from a few different
perspectives, such as:
1. having a concept of repositories, where
maintainers and/or trusted developers of
the distribution make `official' packages
available for users of the distro, but
also allow users to install software from
elsewhere if they really need to (e.g. apt
repos for Debian-based distros, channels
for Guix, and so on); and
2. having some sort of keyring or another
mechanism for having less centralized
control on who gets to make the decision
about which add-ons are `officially
endorsed/okayed' for installation by all
users and which aren't.
I'm interested in hearing everyone's thoughts
on this.
Cheers,
amin