Closed Bug 1678033 Opened 4 years ago Closed 4 years ago

"The application “Firefox Nightly.app” can’t be opened" since 84, 83 works

Categories

(Core :: Widget: Cocoa, defect)

Product:
Core
Component:
Widget: Cocoa
Version:
Firefox 85
Type:
defect

Tracking

()

Status:
RESOLVED DUPLICATE of bug 1677633
Tracking Flags:
Tracking Status
firefox83 --- unaffected
firefox84 --- affected

People

(Reporter: ar, Unassigned)

Details

(Keywords: regression, regressionwindow-wanted)

Attachments

(1 file)

codesign -vvvv for 84 and 85
5.52 KB, text/plain
Details

User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:78.0) Gecko/20100101 Firefox/78.0

Steps to reproduce:

MacOS Catalina: 10.15.7 (19H2)

84 and 85 are failing to open. Two different steps:

I mount the DMG and either
A. open the application.
OR
B. move the application to my applications folder and open then.

Actual results:

The application “Firefox Nightly.app” can’t be opened. Subsequent openings for the same app (if in the Applcations/ folder) it says it's incomplete or corrupted.

Expected results:

It should be able to open.

Bugbug thinks this bug should belong to this component, but please revert this change in case of error.

Component: Untriaged → Widget: Cocoa
Product: Firefox → Core

Can you provide the link where you downloaded Firefox?
What is the output from running the following command in Terminal.app:

codesign -vvvv /Applications/Firefox.app

Flags: needinfo?(ar)

https://download.mozilla.org/?product=firefox-nightly-latest-ssl&os=osx&lang=en-US

This is from version 83a

--validated:/Applications/Firefox.app/Contents/MacOS/pingsender
--prepared:/Applications/Firefox.app/Contents/MacOS/firefox-bin
--validated:/Applications/Firefox.app/Contents/MacOS/firefox-bin
--prepared:/Applications/Firefox.app/Contents/MacOS/libfreebl3.dylib
--validated:/Applications/Firefox.app/Contents/MacOS/libfreebl3.dylib
--prepared:/Applications/Firefox.app/Contents/MacOS/libsoftokn3.dylib
--validated:/Applications/Firefox.app/Contents/MacOS/libsoftokn3.dylib
--prepared:/Applications/Firefox.app/Contents/MacOS/libplugin_child_interpose.dylib
--validated:/Applications/Firefox.app/Contents/MacOS/libplugin_child_interpose.dylib
--prepared:/Applications/Firefox.app/Contents/MacOS/libmozavutil.dylib
--validated:/Applications/Firefox.app/Contents/MacOS/libmozavutil.dylib
--prepared:/Applications/Firefox.app/Contents/MacOS/liblgpllibs.dylib
--validated:/Applications/Firefox.app/Contents/MacOS/liblgpllibs.dylib
--prepared:/Applications/Firefox.app/Contents/MacOS/libmozglue.dylib
--validated:/Applications/Firefox.app/Contents/MacOS/libmozglue.dylib
--prepared:/Applications/Firefox.app/Contents/MacOS/libosclientcerts.dylib
--validated:/Applications/Firefox.app/Contents/MacOS/libosclientcerts.dylib
--prepared:/Applications/Firefox.app/Contents/MacOS/plugin-container.app
--validated:/Applications/Firefox.app/Contents/MacOS/plugin-container.app
--prepared:/Applications/Firefox.app/Contents/MacOS/crashreporter.app
--validated:/Applications/Firefox.app/Contents/MacOS/crashreporter.app
--prepared:/Applications/Firefox.app/Contents/MacOS/XUL
--validated:/Applications/Firefox.app/Contents/MacOS/XUL
--prepared:/Applications/Firefox.app/Contents/MacOS/libmozavcodec.dylib
--validated:/Applications/Firefox.app/Contents/MacOS/libmozavcodec.dylib
--prepared:/Applications/Firefox.app/Contents/MacOS/libgraphitewasm.dylib
--prepared:/Applications/Firefox.app/Contents/MacOS/libnssckbi.dylib
--prepared:/Applications/Firefox.app/Contents/MacOS/libnss3.dylib
--prepared:/Applications/Firefox.app/Contents/MacOS/updater.app--prepared:/Applications/Firefox.app/Contents/MacOS/liboggwasm.dylib--validated:/Applications/Firefox.app/Contents/MacOS/libgraphitewasm.dylib

--prepared:/Applications/Firefox.app/Contents/MacOS/minidump-analyzer
--validated:/Applications/Firefox.app/Contents/MacOS/libnssckbi.dylib
--validated:/Applications/Firefox.app/Contents/MacOS/libnss3.dylib

--validated:/Applications/Firefox.app/Contents/MacOS/liboggwasm.dylib
--validated:/Applications/Firefox.app/Contents/MacOS/updater.app
--validated:/Applications/Firefox.app/Contents/MacOS/minidump-analyzer
/Applications/Firefox.app: a sealed resource is missing or invalid
file modified: /Applications/Firefox.app/Contents/Resources/defaults/pref/channel-prefs.js

I'll get the other versions, but I'm writing this comment in the browser currently, give me a moment.

Flags: needinfo?(ar)

Okay, the failures there are tracked in bug 1677036 and shouldn't be the reason why Firefox isn't opening.

Could you restart the system and see if this continues to reproduces? If it does, is there anything printed out to the Console.app? You can find this under /Applications/Utilities.

Flags: needinfo?(ar)

Looks like Cylance (this is a work computer) is blocking the new builds for some reason.

Nov 18 12:39:20 COMPUTERNAME CylanceSvc[164]: Threat:Blocked path:/private/var/folders/z2/s579wdbs1v3g8vnvk_grmzpjwb4mx7/T/AppTranslocation/E129BB63-DC80-4BC0-A953-AFD48D5511A3/d/Firefox Nightly.app/Contents/MacOS/firefox score:-100 running:False, SHA:7A444DAD3BDAF8BACDB04928190F440C32B736A0A0F5F610E39585FBE450D285
Flags: needinfo?(ar)

Ah yes, that is being tracked in bug 1677633.

Status: UNCONFIRMED → RESOLVED
Closed: 4 years ago
Resolution: --- → DUPLICATE

(In reply to Stephen A Pohl [:spohl] from comment #7)

Ah yes, that is being tracked in bug 1677633.

*** This bug has been marked as a duplicate of bug 1677633 ***

Ahah, thank you for helping me figuring out the cause! I'll wait for that to get resolved before I update for now.

Is it possible to whitelist Firefox in Cylance somewhere? It would be nice if we could confirm that doing so is enough to work around the problem until Cylance fixes their detection.

Flags: needinfo?(ar)

Is it possible to whitelist Firefox in Cylance somewhere?

I believe that in both our cases, it is a company laptop secured by our it staff (it would be funny if we actually were in the same company by coincidence). So at least in my case, temp admin rights are difficult to obtain (and even than I would not be comfortable messing with that given the responsibility). I tried to temporarily turn off the software to see what happens, but it seems that it lingers somehow and instead of the files being deleted/quarantined, they got root:root 600'ed. I don't have access to any Cylance settings, only to some info/about screens.

Yeah, I was guessing that this would require some sort of corporate-level whitelisting. Which is difficult to test, of course :(

I have a ticket in with my sysadmins about this. We'll see what happens. I'm waiting on the OCISO now, as this falls under their jurisdiction.

Flags: needinfo?(ar)
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: