Firefox addon signing
leamas.alec at gmail.com
Thu Feb 12 15:57:09 UTC 2015
On 12/02/15 16:53, Simo Sorce wrote:
> Malware can easily binary patch firefox to ignore verification, I do not
> think trying to defeat sideloading with this kind of verification makes
> much sense.
> Of course you may decide to exempt only extensions in non-user-writable
> locations, if you are on Linux and the Firefox binary is read-only for
> the user.
Besides the technical issues, what does upstream permit? Since we havn't
re-branded firefox, are we free to modify this whatever way we want? I
can see the argument for upstream to limit such modifications without
More information about the devel