[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Progress on broken bundled extensions
From: |
Amin Bandali |
Subject: |
Re: Progress on broken bundled extensions |
Date: |
Thu, 21 Nov 2019 22:20:34 -0500 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/27.0.50 (gnu/linux) |
Hi Mark,
Mark H Weaver <address@hidden> writes:
> Hi Amin,
>
[...]
>
> There seems to be a misunderstanding here.
>
Indeed! I was under the (false) impression
that `xpinstall.signatures.required' is only a
build-time option that's no longer available
during run-time. It appears that this is true
for builds with "--enable-official-branding",
but not for "unbranded versions" like ours.
At least that's what I gathered from Mozilla's
Extension Signing FAQ at
https://wiki.mozilla.org/Add-ons/Extension_Signing#FAQ.
Sorry for the noise; I stand corrected.
>
> 'xpinstall.signatures.required' is a run-time user-configurable option
> in <about:config>. All I've done is to change its *default* value for
> IceCat. If you want to install an add-on that Mozilla won't sign, you
> can simply go into <about:config> and set
> 'xpinstall.signatures.required' to 'false'.
>
> There are various other options as well, including the "Load Temporary
> Add-on..." button in <about:debugging>.
>
> I could say more on this. I've begun to familiarize myself with the
> relevant code, and there are many options open to us, and various
> policies we could decide upon.
>
> For example, if we built IceCat with
> "--with-unsigned-addon-scopes=app,system" (not quite the same as what I
> wrote above), then addons within the system-wide extensions directory
> would also not be checked for signatures, even when
> 'xpinstall.signatures.required' is set to 'true'. We could also change
> those more fine-grained settings into run-time configurable settings.
>
> I can also see how to add the ability for users to install their own
> personal signing certificates, to allow adding their own extensions
> without going through Mozilla, while retaining the security advantages
> of requiring signed extensions.
>
> There are a lot of options open to us, but for now I just wanted to
> mention that 'xpinstall.signatures.required' remains run-time
> configurable.
>
Thanks for your thorough explanations, Mark.
I'm very happy to hear that we have a multitude
of options available to us for this, and I'm
all for having more fine-grained settings about
this once the higher-priority tasks are taken
care of.
>
> Regards,
> Mark
>
Best,
amin