[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Progress on broken bundled extensions

From: Amin Bandali
Subject: Re: Progress on broken bundled extensions
Date: Thu, 21 Nov 2019 22:20:34 -0500
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/27.0.50 (gnu/linux)

Hi Mark,

Mark H Weaver <address@hidden> writes:

> Hi Amin,
> There seems to be a misunderstanding here.

Indeed!  I was under the (false) impression
that `xpinstall.signatures.required' is only a
build-time option that's no longer available
during run-time.  It appears that this is true
for builds with "--enable-official-branding",
but not for "unbranded versions" like ours.
At least that's what I gathered from Mozilla's
Extension Signing FAQ at

Sorry for the noise; I stand corrected.

> 'xpinstall.signatures.required' is a run-time user-configurable option
> in <about:config>.  All I've done is to change its *default* value for
> IceCat.  If you want to install an add-on that Mozilla won't sign, you
> can simply go into <about:config> and set
> 'xpinstall.signatures.required' to 'false'.
> There are various other options as well, including the "Load Temporary
> Add-on..." button in <about:debugging>.
> I could say more on this.  I've begun to familiarize myself with the
> relevant code, and there are many options open to us, and various
> policies we could decide upon.
> For example, if we built IceCat with
> "--with-unsigned-addon-scopes=app,system" (not quite the same as what I
> wrote above), then addons within the system-wide extensions directory
> would also not be checked for signatures, even when
> 'xpinstall.signatures.required' is set to 'true'.  We could also change
> those more fine-grained settings into run-time configurable settings.
> I can also see how to add the ability for users to install their own
> personal signing certificates, to allow adding their own extensions
> without going through Mozilla, while retaining the security advantages
> of requiring signed extensions.
> There are a lot of options open to us, but for now I just wanted to
> mention that 'xpinstall.signatures.required' remains run-time
> configurable.

Thanks for your thorough explanations, Mark.
I'm very happy to hear that we have a multitude
of options available to us for this, and I'm
all for having more fine-grained settings about
this once the higher-priority tasks are taken
care of.

>      Regards,
>        Mark


reply via email to

[Prev in Thread] Current Thread [Next in Thread]