Daniel Veditz wrote:
site level filtering ... we're still arguing
Where?
___
Mozilla-security mailing list
[EMAIL PROTECTED]
http://mail.mozilla.org/listinfo/mozilla-security
Daniel Veditz wrote:
Figuring out an appropriate UI and security model is tough. When sites
offered .exe downloads we used to force people to explicitly save them and
launch them using the OS. This was to discourage stu^H^H^Hinexperienced
people from running any malware they ran across, with a
Daniel Veditz wrote:
Robert Mohr wrote:
mrhappy wrote:
It would be really good if there was a default setting of silent ignore for xpi's
It's not the default and never will be, but you can set
'xpinstall.enabled' to false in about:config.
It is not now the default, but never say never--we
James Graham wrote:
The fundamental difference between exe files and xpinstall files is
that, from a user point of view, xpinstall is only a mechanism for
installing stuff into the browser.
Then we need to change the impression: XPInstall is a general purpose
install engine, originally
Ben Bucksch wrote:
Daniel Veditz wrote:
site level filtering ... we're still arguing
Where?
Ben and I, in person. Actually the argument's pretty much over, there's not
much point in doing the work if the default (which 99% don't change) is to
work the same way as today.
Daniel Veditz wrote:
Ben and I, in person. Actually the argument's pretty much over, there's not
much point in doing the work if the default (which 99% don't change) is to
work the same way as today.
I don't know about FireFox GUI, but please, please, if you do it as
white list, *don't* add