Mike Henley wrote:<snip/>
Yes, it can. Our TrustBar is in mozdev, and while it is of course not doing anything like that (on the contrary, it improves your security), there is nothing preventing us from uploading a malicious version.
Well, maybe you should add your source on mozdev.org, because that makes things less complicated for people that like to check you code!
Well, there was a short process to get us on mozdev; I'm not sure if they checked our personal credentials (don't think they did) and they definitely didn't go over the code.
I did ;)
/HJ _______________________________________________ Mozilla-security mailing list [EMAIL PROTECTED] http://mail.mozilla.org/listinfo/mozilla-security
