On Thu, 2015-02-12 at 09:54 -0500, Miloslav Trmač wrote: > > or simply exempt signature checking if > > the extension is on disk. They should check on download only. > > That would defeat the entire purpose; malware is very commonly sideloading > extensions.
Malware can easily binary patch firefox to ignore verification, I do not think trying to defeat sideloading with this kind of verification makes much sense. Of course you may decide to exempt only extensions in non-user-writable locations, if you are on Linux and the Firefox binary is read-only for the user. Simo. -- Simo Sorce * Red Hat, Inc * New York -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
