[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Progress on broken bundled extensions

From: Amin Bandali
Subject: Re: Progress on broken bundled extensions
Date: Thu, 21 Nov 2019 21:04:45 -0500
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/27.0.50 (gnu/linux)

Mark H Weaver <address@hidden> writes:

> Hello fellow Gnuzillians,
> I've pushed several commits to the '68'
> branch on Savannah.  They fix various issues,
> but most notably: The bundled extensions now
> work.

Thanks so much for your great work, Mark!

> Also, I removed the IceCat-specific
> customization that sets
> 'xpinstall.signatures.required' to false.  In
> its place, at least for now, IceCat will need
> to be configured with the more fine-grained
> mozconfig option
> --with-unsigned-addon-scopes=app, which
> disables signature checking for extensions
> that are bundled with IceCat.

I think we should all have a discussion about
this feature.  As it stands, I'm personally in
favour of keeping it disabled (not requiring
signatures when installing add-ons), for the
following reasons:

- Having this disabled was what saved IceCat
  users earlier this year, when Mozilla failed
  to renew their intermediate signing cert and
  as a result, almost all add-ons of every
  Firefox user was automatically disabled.
  Many may have perceived this merely as an
  inconvenience, but far more importantly,
  add-ons like LibreJS, uBlock Origin (ad
  blocker), uMatrix (advanced control interface
  for fine control over what kinds of requests
  and for what sources and targets are allowed
  or disallowed to be made by the browser) all
  getting disabled left their users exposed and
  defenceless against proprietary JS and all
  kinds of malware out there.  Mozilla's quick
  fix for this was using a backdoor called
  Normandy to inject their new intermediate
  signing certificate into users' browsers so
  they could use their add-ons again.

- Mozilla's recent track record doesn't inspire
  my confidence in them, and I personally would
  prefer to not put all my eggs in one basket
  when it comes to a single entity having the
  say about what add-ons I can or cannot run.
  I still think some sort of measure would be
  nice to have and is probably even necessary,
  but I *really* don't want to have no option
  but to rebuild my entire browser in order to
  install an add-on that Mozilla may think I
  should not install.

  I think GNU/Linux distributions have to some
  extent figured this out from a few different
  perspectives, such as:

  1. having a concept of repositories, where
     maintainers and/or trusted developers of
     the distribution make `official' packages
     available for users of the distro, but
     also allow users to install software from
     elsewhere if they really need to (e.g. apt
     repos for Debian-based distros, channels
     for Guix, and so on); and

  2. having some sort of keyring or another
     mechanism for having less centralized
     control on who gets to make the decision
     about which add-ons are `officially
     endorsed/okayed' for installation by all
     users and which aren't.

I'm interested in hearing everyone's thoughts
on this.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]