Closed Bug 454769 Opened 12 years ago Closed 4 years ago

Warn user that a third party plugin has been installed and allow disabling

Categories: Core :: Plug-ins (Type: enhancement, Priority: Not set, Severity: normal)

Status: RESOLVED INCOMPLETE

People: Reporter: stream, Unassigned
User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1
Build Identifier: 

Since I tried Google Chrome, it installed a plugin Google Update, which I definitely don't need inside Firefox and don't know why it's there. I even saw it accidentally in plugins list. I don't like the idea that a plugin could be installed so easily and silently in Firefox.

Please let the user decide what plugins they want before they are listed in the plugins list.

Reproducible: Always
Component: Plugin Finder Service → Plug-ins
Product: Toolkit → Core
QA Contact: plugin.finder → plugins
Version: unspecified → 1.9.0 Branch
Google Chrome is an application based on Mozilla Firefox. From what I understand, you install it as a stand-alone application on your computer. Firefox can't stop other applications or extensions (or trojans or viruses) from modifying its behavior.

By installing Google Chrome you gave that application permission to change your configuration. Either Google asked for it (as they normally do when trying to push their Google Toolbar or Google Updater software) or they didn't ask for it, in which case you should file a bug with Google.
Yeah, exactly: "Firefox can't stop them" http://arstechnica.com/news.ars/post/20081205-new-trojan-targets-firefox-masquerades-as-greasemonkey.html

But at least Firefox could *ask* the user before installing them!
(In reply to comment #0)
> Since I tried Google Chrome, it installed a plugin Google Update, which I

Google Chrome does indeed silently install a plugin into Firefox's plugins directory.

> Please let the user decide what plugins they want before they are listed in the
> plugins list.

Let's ignore the Chrome issue, as the rest of these comments aren't actually germane to the issue at hand (and full of technical inaccuracies).

I'm sure there's a duplicate bug on this. I'm not sure that we want to do this, as what's actually happening is:

 - the user downloads some software
 - that software installs components in our plugins directory

The reporter is proposing that the next time Firefox starts, we confirm that plugin needed to be installed. While a good security feature, if you think of the plugin as something like Flash or another media player, this will quickly become an annoyance and turn into a "whatever" dialog that users simply click through.
Status: UNCONFIRMED → NEW
Ever confirmed: true
Whiteboard: DUPEME?
In the case with Google Chrome the plugin is NOT in the Firefox directory. I really don't know how the Google Update is detected as a plugin but as I remember the file was somewhere in the folder Application Data.
OS: Windows XP → All
Hardware: x86 → All
Version: 1.9.0 Branch → Trunk
(In reply to comment #3)

> The reporter is proposing that the next time Firefox starts, we confirm that
> plugin needed to be installed. While a good security feature, if you think of
> the plugin as something like Flash or another media player, this will quickly
> become an annoyance and turn into a "whatever" dialog that users simply click
> through.

Maybe a whitelist from AMO could solve this potential issue?
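
An added example, not part of the bug thread or of Firefox's code: a sketch of the proposal discussed above, in which plugin files are compared against a user-approved baseline and only binaries whose hash is missing from an allowlist are held for confirmation, so known plugins do not trigger a prompt. The directory names, file contents and allowlist are constructed, and identifying plugins by SHA-256 of the whole file is an assumption of this sketch.

```python
import hashlib
import tempfile
from pathlib import Path


def snapshot(plugin_dirs):
    """Map every file under the given plugin directories to its SHA-256."""
    seen = {}
    for d in plugin_dirs:
        for f in sorted(Path(d).rglob("*")):
            if f.is_file():
                seen[str(f)] = hashlib.sha256(f.read_bytes()).hexdigest()
    return seen


def review(baseline, current, allowlist):
    """Classify files that are new or changed since the approved baseline."""
    verdicts = {}
    for path, digest in current.items():
        if baseline.get(path) == digest:
            continue  # already approved and unchanged: no prompt
        # Allowlisted hash: accept silently. Anything else stays disabled
        # until the user confirms it once.
        verdicts[path] = "allowed" if digest in allowlist else "pending"
    return verdicts


def demo():
    """Constructed scenario: two scanned directories, one silent install."""
    with tempfile.TemporaryDirectory() as root:
        app_dir = Path(root, "app_plugins")
        user_dir = Path(root, "appdata_plugins")  # outside the app folder
        app_dir.mkdir()
        user_dir.mkdir()
        (app_dir / "media_player.bin").write_bytes(b"constructed media plugin v1")
        baseline = snapshot([app_dir, user_dir])  # state the user approved

        # Another installer drops a file; a known plugin updates itself.
        (user_dir / "updater.bin").write_bytes(b"constructed updater plugin")
        (app_dir / "media_player.bin").write_bytes(b"constructed media plugin v2")
        allowlist = {hashlib.sha256(b"constructed media plugin v2").hexdigest()}

        result = review(baseline, snapshot([app_dir, user_dir]), allowlist)
        return {Path(p).name: v for p, v in result.items()}


if __name__ == "__main__":
    print(demo())
```

Every scanned location has to be in the snapshot, including per-user directories outside the application folder, or a file dropped there never reaches the review step.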
Depends on: 256509
This is basically bug 476430 but we are likely to have to treat plugins differently (since we don't detect new ones during startup) so it makes sense to deal with this in a separate bug.
Depends on: 476430
No longer depends on: 256509
Summary: Install plugin after user permission → Warn user that a third party plugin has been installed and allow disabling
Whiteboard: DUPEME?
(In reply to comment #6)
> This is basically bug 476430 but we are likely to have to treat plugins
> differently (since we don't detect new ones during startup) so it makes sense
> to deal with this in a separate bug.

I was just on the way to change the summary for all addons, my intention when reporting this bug was not only for plugins, but for every addon. For example Java installs one extension and one plugin at once. After reading your comment that the plugins have to be separated from extensions and there is already another bug 476430, better to stay that way with the updated summary which you made.
Duplicate of this bug: 599839
Here is one interesting article:
http://weblogs.mozillazine.org/asa/archives/2010/11/firefox_plugins_that.html

In the comments someone says that there is an extension which notifies the user when a plugin is installed:
https://addons.mozilla.org/en-US/firefox/addon/46214/
Duplicate of this bug: 644170
Duplicate of this bug: 815574
Sorry, I filed #815574.
This issue has been around for years, and nothing has changed so far.
Only click-to-play may have some effect on plugins that require content from pages being fed to them. I doubt that Google Update does, however.

I want to stress that not only a warning must be presented, but those plugins disabled until I want them there. Not a single bit of data may seep from my browser to something I never wished to install.

Please, this is a hole in security. How about Mozilla's mission to "take back the web"? You have no control of what those things might do to your browser. Or can someone explain when data are transmitted between Firefox and plugins?

Shouldn't Mozilla be ahead of the others in matters of security and openness? When it comes to what's been installed and plugged into its browser it's quite obscure. Not that the others are better. I hope somebody finally implements it and the others will have no choice but to keep up. It could give Mozilla an edge on its competitors for a while if this is presented to public as a token of care.
Duplicate of this bug: 818272
(In reply to Mike Beltzner [:beltzner] from comment #3)
>  (In reply to comment #0)
> > Since I tried Google Chrome, it installed a plugin Google Update, which I
> 
> Google Chrome does indeed silently install a plugin into Firefox's plugins
> directory.
> 
> > Please let the user decide what plugins they want before they are listed in the
> > plugins list.
> 
> 
> The reporter is proposing that the next time Firefox starts, we confirm that
> plugin needed to be installed. While a good security feature, if you think
> of the plugin as something like Flash or another media player, this will
> quickly become an annoyance and turn into a "whatever" dialog that users
> simply click through.

Some _might_ think that the PURPOSE of the Plugin is to UPDATE the Google Toolbar
and thus allow it. Others may not notice the Plugin (or even know we have such a
thing), since the USER doesn't know about Plugins OR (choose to) install any
then how is the less sophisticated User to know (only from US, warning them).

Aurora DOES present such a Warning (only once when the BUG that makes it warn you
more than once is not active), so giving a warning is not hard (we have the Code)
or going to be any worse a User experience than what it is on Aurora.


The Security Issue is ALSO that ANY OTHER Program can DO THIS, or MIGHT be able
to exploit the Plugin. Since (it would seem that) the Plugin serves no "useful"
purpose (other than to allow "one-click-install" of a competing Browser) why do
we want to have any part in allowing it in OUR Directory. 

People can still download, save, and CHOOSE to install the Chrome Browser WITHOUT
us allowing the Plugin to use our Directory (and possibly provide OUR Users with
a worse experience). The (small) space it takes up in our Directory ALSO counts
against us (for some People).


Blacklist, probably. Warning, at least; as a minimum Standard.
Duplicate of this bug: 818272
Resolving old bugs which are likely not relevant any more, since NPAPI plugins are deprecated.
Status: NEW → RESOLVED
Closed: 4 years ago
Resolution: --- → INCOMPLETE