Additional preferences for enteprise policies
Categories
(Firefox :: Enterprise Policies, enhancement, P3)
Tracking
()
People
(Reporter: mkaply, Assigned: mkaply)
Details
Attachments
(2 files)
47 bytes,
text/x-phabricator-request
|
lizzard
:
approval-mozilla-beta+
RyanVM
:
approval-mozilla-esr68+
|
Details | Review |
6.43 KB,
patch
|
Details | Diff | Splinter Review |
This is to track additional prefs being added to policy for Firefox 70.
Assignee | ||
Updated•5 years ago
|
Assignee | ||
Comment 1•5 years ago
|
||
These are just suggestions. Are all open to debate.
https://github.com/mozilla/policy-templates/issues/430
browser.bookmarks.autoExportHTML
browser.bookmarks.file
https://github.com/mozilla/policy-templates/issues/428
security.mixed_content.block_active_content
https://github.com/mozilla/policy-templates/issues/427
dom.allow_scripts_to_close_windows
https://github.com/mozilla/policy-templates/issues/410
browser.download.skipConfirmLaunchExecutable
https://github.com/mozilla/policy-templates/issues/363
network.automatic-ntlm-auth.allow-proxies
https://github.com/mozilla/policy-templates/issues/331
browser.bookmarks.file
browser.bookmarks.overwrite
browser.places.importBookmarksHTML
browser.bookmarks.restore_default_bookmarks
https://github.com/mozilla/policy-templates/issues/330
intl.accept_languages
https://github.com/mozilla/policy-templates/issues/284
accessibility.force_disabled
Assignee | ||
Comment 2•5 years ago
|
||
From customers:
browser.safebrowsing.phishing.enabled
browser.safebrowsing.malware.enabled
(and probably additional safebrowsing)
extensions.blocklist.enabled
geo.enabled - What's the difference between this and setting permissions.default.geo?
Assignee | ||
Comment 3•5 years ago
|
||
From another customer:
browser.slowStartup.notificationDisabled
media.eme.enabled
browser.taskbar.previews.enable
print.save_print_settings
Assignee | ||
Comment 4•5 years ago
|
||
Comment 5•5 years ago
|
||
Hey mkaply,
You mentioned that they're open for debate... who ultimately gets the call on which preferences get added here? Is that Product's call, or Engineering?
Assignee | ||
Comment 6•5 years ago
|
||
You mentioned that they're open for debate... who ultimately gets the call on which preferences get added here? Is that Product's call, or Engineering?
We don't really have a set process, but ultimately engineering gets to decide.
The reason these various prefs come up at all is because in the past they've been able to set any pref they want. I'm trying to avoid opening that can of worms (Although it has been discussed).
So if you feel strongly one way or another, I definitely want to hear feedback.
I placed the Github links in so we could see why people are requesting things.
For most of these, any app could have set them in a users profile, so there usually aren't any security issues. It's just if we think that it's a bad idea for someone to mess with a particular pref.
As a side note, the reason folks turn off things like blocklist, phishing, etc. is so that machines don't make any connections to the internet.
Pushed by mozilla@kaply.com: https://hg.mozilla.org/integration/autoland/rev/ecdcbc7f1bd6 Additional preferences managed by policy requested by users. r=mconley
Assignee | ||
Comment 8•5 years ago
|
||
Comment on attachment 9098924 [details]
Bug 1577149 - Additional preferences managed by policy requested by users.
Beta/Release Uplift Approval Request
- User impact if declined: I realize this is late. I was waiting to finalize the list.
This list of prefs is to help admins migrate to ESR68 from 60.
I'd like it in 70 since it is the build that corresponds to the next ESR - Is this code covered by automated tests?: Yes
- Has the fix been verified in Nightly?: No
- Needs manual test from QE?: No
- If yes, steps to reproduce:
- List of other uplifts needed: None
- Risk to taking this patch: Low
- Why is the change risky/not risky? (and alternatives if risky): This just updates our existing list of prefs. Enterprise policy only.
- String changes made/needed:
ESR Uplift Approval Request
- If this is not a sec:{high,crit} bug, please state case for ESR consideration: Policy only, helps when migrating from 60 to 68
- User impact if declined: This list of prefs is to help admins migrate to ESR68 from 60.
I'd like it in 70 since it is the build that corresponds to the next ESR - Fix Landed on Version: 71
- Risk to taking this patch: Low
- Why is the change risky/not risky? (and alternatives if risky): This just updates our existing list of prefs. Enterprise policy only.
- String or UUID changes made by this patch:
Comment 9•5 years ago
|
||
OK, let's give it a shot in beta before the esr uplift
Updated•5 years ago
|
Comment 10•5 years ago
|
||
Got conflicts when trying to uplift.
Could you, please, provide a updated patch?
patching file browser/components/enterprisepolicies/tests/xpcshell/test_simple_pref_policies.js
Hunk #3 FAILED at 148
Hunk #4 FAILED at 157
2 out of 4 hunks FAILED -- saving rejects to file browser/components/enterprisepolicies/tests/xpcshell/test_simple_pref_policies.js.rej
patching file browser/components/enterprisepolicies/schemas/policies-schema.json
Hunk #1 succeeded at 272 with fuzz 2 (offset 216 lines).
patching file browser/components/enterprisepolicies/Policies.jsm
Hunk #1 FAILED at 111
1 out of 2 hunks FAILED -- saving rejects to file browser/components/enterprisepolicies/Policies.jsm.rej
abort: patch failed to apply
Comment 11•5 years ago
|
||
bugherder |
Assignee | ||
Comment 12•5 years ago
|
||
Sorry about that. This patch has been built and tested on beta and esr68.
Comment 13•5 years ago
|
||
bugherder uplift |
Updated•5 years ago
|
Updated•5 years ago
|
Comment 14•5 years ago
|
||
Comment on attachment 9098924 [details]
Bug 1577149 - Additional preferences managed by policy requested by users.
Adds more prefs for admins to control via policy. Approved for 68.2esr.
Assignee | ||
Comment 15•5 years ago
|
||
Please make sure the second attachment is used:
https://bug1577149.bmoattachments.org/attachment.cgi?id=9100155
Comment 16•5 years ago
|
||
bugherder uplift |
Updated•5 years ago
|
Updated•5 years ago
|
Comment 17•5 years ago
|
||
Hello,
Confirming this issue as verified fixed. Checked this issue on Windows 10x64, Ubuntu 16.04x64 and macOS 10.14 with the following builds:
72.0a1 (2019-10-22) (buildID: 20191022214314)
68.2.0esr (buildID: 20191016163237)
71.0b3 (buildID: 20191021164841)
70.0 (buildID: 20191016161957)
Updated•5 years ago
|
Description
•