Closed Bug 1244329 Opened 4 years ago Closed 4 years ago

Flip the preference to on for requiring signed addons

Categories

(Firefox for Android :: General, defect)

defect
Not set

Tracking

()

VERIFIED FIXED
Firefox 47
Tracking Status
firefox45 - wontfix
firefox46 + verified
firefox47 + verified
relnote-firefox --- 46+
fennec 46+ ---

People

(Reporter: andy+bugzilla, Assigned: Margaret)

References

Details

Attachments

(1 file)

All add-ons on AMO are now signed. Following the procedure with Desktop, let's turn on signing for Android by flipping the flag

xpinstall.signatures.required
 
Users will still be able to turn it off. Let's test it out in nightly and so on and let in ride the trains.
Assignee: nobody → margaret.leibovic
tracking-fennec: --- → ?
Attachment #8716309 - Flags: review?(mark.finkle) → review+
Comment on attachment 8716309 [details]
MozReview Request: Bug 1244329 - Flip the preference to on for requiring signed addons. r=mfinkle

https://reviewboard.mozilla.org/r/33795/#review30517
https://hg.mozilla.org/integration/fx-team/rev/d0ed2f83c82c79c45d7e6430e5f6a22b6a59e3d7
Bug 1244329 - Flip the preference to on for requiring signed addons. r=mfinkle
https://hg.mozilla.org/mozilla-central/rev/d0ed2f83c82c
Status: NEW → RESOLVED
Closed: 4 years ago
Resolution: --- → FIXED
Target Milestone: --- → Firefox 47
[Tracking Requested - why for this release]: Getting this on the release management radar because we've talked about uplifting this to beta.

Barbara/Andy, is that still the plan? I still see the Aha! card for this is in the 45 column.
Flags: needinfo?(bbermes)
Flags: needinfo?(amckay)
(In reply to :Margaret Leibovic from comment #6)
> [Tracking Requested - why for this release]: Getting this on the release
> management radar because we've talked about uplifting this to beta.
> 
> Barbara/Andy, is that still the plan? I still see the Aha! card for this is
> in the 45 column.

I'd be interested to see how this works for users and get some QA feedback. 45 is coming pretty darn soon.
Flags: needinfo?(amckay)
so not in 45 currently right? and in 47. any chance of moving this to 46? let me know so joni and i can document whatever you decide in SUMO
Duplicate of this bug: 1190844
I'm fine with 45 or 46, whatever is possible.
Flags: needinfo?(bbermes)
tracking-fennec: ? → 46+
It is too late for 45, please target 46 and submit the uplift request quickly so that it is in the first beta.
Verified as fixed using:
Device: Nexus 6 (Android 6.0)
Build: Firefox for Android 47.0a1 (2016-02-14)

With "xpinstall.signatures.required=true" by default trying to install Crash Me add-on, the following message is displayed: "Nightly has prevented people.mozilla.org from installing an unverified add-on. Learn more". Learn more links redirects the user to the "Add-on signing in Firefox for Android" post. 
With "xpinstall.signatures.required=false , Crash Me add-on is installed.
Comment on attachment 8716309 [details]
MozReview Request: Bug 1244329 - Flip the preference to on for requiring signed addons. r=mfinkle

Approval Request Comment
[Feature/regressing bug #]: None.

[User impact if declined]: Users can install unsigned add-ons.

[Describe test coverage new/current, TreeHerder]: Baked on Nightly for a bit. Not much automated test coverage on mobile, but we have tested the bits pieces manually.

[Risks and why]: Potential risk of people's add-ons breaking if they haven't been signed. But we probably won't get more data on this until this is on beta, so we should uplift sooner rather than later.

[String/UUID change made/needed]: None.
Attachment #8716309 - Flags: approval-mozilla-aurora?
Comment on attachment 8716309 [details]
MozReview Request: Bug 1244329 - Flip the preference to on for requiring signed addons. r=mfinkle

Turns on addon signing, let's see if we can shake out any problems in aurora.
Attachment #8716309 - Flags: approval-mozilla-aurora? → approval-mozilla-aurora+
Tracking as well since this is a new feature for android.
Kev or Margaret, can you suggest wording for a release note?
Flags: needinfo?(margaret.leibovic)
Flags: needinfo?(kev)
Verified as fixed in build 46 Beta 7;
Device: LG G4 (Android 5.1).
Status: RESOLVED → VERIFIED
(In reply to Liz Henry (:lizzard) (needinfo? me) from comment #17)
> Kev or Margaret, can you suggest wording for a release note?

Kev is better qualified than I am to answer this question, but maybe something like "Prevent installation of unverified add-ons"?
Flags: needinfo?(margaret.leibovic)
Release Note Request (optional, but appreciated)
[Why is this notable]:  Users will certainly notice it when they try to install an unsigned addon. 
[Suggested wording]:  Prevent installation of unverified add-ons
[Links (documentation, blog post, etc)]:  (Probably something on AMO... kev, want to pick a post or write a new one?)
relnote-firefox: --- → ?
Kev, do we have a blog post or something to point to from 46 release notes?
Yes, included. Also recommend slight modification to wording. Installed add-ons that are not signed will be disabled. Attempts to install unsigned add-ons will fail. Just wanted to make it a little clearer that any unsigned addons will no longer work. Preference to disable signing enforcement is outlined in the FAQ in the link.


[suggested wording] - By default, add-ons that have not been verified and signed by Mozilla will not load in Firefox for Android.
[links]: https://blog.mozilla.org/addons/2016/03/17/add-on-signing-enforcement-in-firefox-46-for-android/
Flags: needinfo?(kev)
You need to log in before you can comment on or make changes to this bug.