Closed
Bug 1374039
Opened 7 years ago
Closed 7 years ago
Port bug 394984 to TB [Enable any admin user on OSX to update Firefox, front-end and updater changes]
Categories
(Thunderbird :: Installer, enhancement)
Tracking
(Not tracked)
RESOLVED
FIXED
Thunderbird 57.0
People
(Reporter: Paenglab, Assigned: Paenglab)
Details
Attachments
(1 file)
10.61 KB,
patch
|
Fallen
:
review+
stefanh
:
feedback+
|
Details | Diff | Splinter Review |
This is a bug I think we need to port.
Assignee | ||
Comment 1•7 years ago
|
||
I ported all changes from browser except the ones in browser/base/content/browser.js. This, I think, are only for the update infos in their AppMenu. Stefan, please can you check, if this patch should have all the needed changes?
Assignee: nobody → richard.marti
Status: NEW → ASSIGNED
Attachment #8878867 -
Flags: review?(philipp)
Attachment #8878867 -
Flags: feedback?(stefanh)
Comment 2•7 years ago
|
||
Comment on attachment 8878867 [details] [diff] [review] OSXinstaller.patch Yes, from what I can see it ports all the relevant changes. Note that I'm not familiar with this code so I basically did the same comparison as you did.
Attachment #8878867 -
Flags: feedback?(stefanh) → feedback+
Comment 3•7 years ago
|
||
Comment on attachment 8878867 [details] [diff] [review] OSXinstaller.patch Review of attachment 8878867 [details] [diff] [review]: ----------------------------------------------------------------- r+ with this comment considered: ::: mail/app/macbuild/Contents/Info.plist.in @@ +65,5 @@ > <string>GeckoNSApplication</string> > + <key>SMPrivilegedExecutables</key> > + <dict> > + <key>org.mozilla.updater</key> > + <string>identifier "org.mozilla.updater" and ((anchor apple generic and certificate leaf[field.1.2.840.113635.100.6.1.9]) or (anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] and certificate leaf[field.1.2.840.113635.100.6.1.13] and certificate leaf[subject.OU] = "43AQ936H96"))</string> Do we have the same certificate information? I suspect yes, but would be good to get confirmation on this.
Attachment #8878867 -
Flags: review?(philipp) → review+
Assignee | ||
Comment 4•7 years ago
|
||
(In reply to Philipp Kewisch [:Fallen] from comment #3) > Comment on attachment 8878867 [details] [diff] [review] > OSXinstaller.patch > > Review of attachment 8878867 [details] [diff] [review]: > ----------------------------------------------------------------- > > r+ with this comment considered: > > ::: mail/app/macbuild/Contents/Info.plist.in > @@ +65,5 @@ > > <string>GeckoNSApplication</string> > > + <key>SMPrivilegedExecutables</key> > > + <dict> > > + <key>org.mozilla.updater</key> > > + <string>identifier "org.mozilla.updater" and ((anchor apple generic and certificate leaf[field.1.2.840.113635.100.6.1.9]) or (anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] and certificate leaf[field.1.2.840.113635.100.6.1.13] and certificate leaf[subject.OU] = "43AQ936H96"))</string> > > Do we have the same certificate information? I suspect yes, but would be > good to get confirmation on this. Stephen, please can you confirm this is true? I know too less of this things.
Flags: needinfo?(spohl.mozilla.bugs)
Comment 5•7 years ago
|
||
I don't know who's responsible for signing TB binaries and could verify this. Ben, do you know?
Flags: needinfo?(spohl.mozilla.bugs) → needinfo?(bhearsum)
Comment 6•7 years ago
|
||
(In reply to Stephen A Pohl [:spohl] from comment #5) > I don't know who's responsible for signing TB binaries and could verify > this. Ben, do you know? Based on what I see in build logs (https://archive.mozilla.org/pub/firefox/tinderbox-builds/mozilla-release-l10n/release-mozilla-release_firefox_macosx64_l10n_repack-bm82-build1-build178.txt.gz and https://archive.mozilla.org/pub/thunderbird/candidates/52.2.1-candidates/build1/logs/release-comm-esr52-macosx64_build-bm84-build1-build7.txt.gz), it appears they are signed with the same certificate.
Flags: needinfo?(bhearsum)
Assignee | ||
Comment 7•7 years ago
|
||
Ben and Stephen, thank you for looking into this. So I think, we are safe to land it as it is.
Keywords: checkin-needed
Pushed by mozilla@jorgk.com: https://hg.mozilla.org/comm-central/rev/cc50be271afa Port bug 394984 to TB [Enable any admin user on OSX to update Firefox, front-end and updater changes]. r=philipp
Updated•7 years ago
|
Target Milestone: --- → Thunderbird 57.0
You need to log in
before you can comment on or make changes to this bug.
Description
•