Re: Evil side of Firefox extensions

[Michael Ekstrand <lists () elehack net>]

On Wed, 01 Mar 2006 21:12:28 +0100
"azurIt" <azurit () pobox sk> wrote:
> I was primary talking about the internet clubs. FFsniFF was tested on
> _one_ computer in local internet club: About 30 sniffed accounts
> (mostly mail and chat accounts) in two days.
> There are also another ways how extensions can be installed into your
> browser. For example by a some kind of viruses.
>
> The only thing which I wanted to say is that there should be a way
> how to disallow installation of extensions by anyone.

A few solutions here, without modifying firefox:

First, some kinda of disk-clean-on-reboot thing, and reboot regularly
(if not every time someone's done using the machine). Practical in some
places (university computer labs), not in others (might cause problems
in a club).

A practical revision of that: have the Firefox launch icon launch
Firefox from a freshly-copied, pristine profile. Every time Firefox
closes, the profile gets wiped and reinstated on its next run. This can
be done securely - the profile could even reside in a PGP-signed ZIP
file that gets unpacked on app launch. Or, on certain *Nix systems
(esp. OpenBSD), a clever use of auto-erased union mounts could do the
trick.

Second idea: more fine-grained locking of the permissions on the
Firefox profile directories. Deny the kiosk user permission to write to
the extensions directory in the firefox profile, but let them write to
the cache, etc. The fresh-profile solution is probably better though.

It may be useful for Firefox to have a "kiosk" mode where extensions,
preferences, etc. are locked; however, a lot of this can be achieved
with a fresh profile each startup.

- Michael

-- 
mouse, n: a device for pointing at the xterm in which you want to type.
                -- Fortune