Files used by installer/updater aren't signed
Categories
(Firefox :: Enterprise Policies, enhancement)
Tracking
()
People
(Reporter: konto78, Unassigned)
Details
Steps to reproduce:
Installed FF 94.0.1 and updated to current version using updater.
Actual results:
I'm preparing to WDAC implementation. For now starting with simple audit policies blocking programs in user writable folders. FF 94.0.1 updater is using user profile temporary directory as working folder for update and used files CityHash.dl UserInfo.dll ShellLink.dll System.dll aren't signed what makes them problem. I added them by hash for now but:
- this ends when files are modified
- Thunderbird is using same update method, so problem is there too and aparently files UserInfo.dll and System.dll are already different between Firefox 94 and Thunderbird 91.
Expected results:
Files signed with Mozilla certificate can be easy added to WDAC policy as trusted by using mentioned certificate.
Comment 1•3 years ago
|
||
The Bugbug bot thinks this bug should belong to the 'Firefox::Enterprise Policies' component, and is moving the bug to that component. Please correct in case you think the bot is wrong.
Comment 2•3 years ago
|
||
Hello! Thank you for submitting this issue I will mark this as NEW for our developers to look more into it and take it into consideration for further releases.
Thank you!
Updated•3 years ago
|
Description
•