Closed Bug 523408 Opened 16 years ago Closed 16 years ago

[website]:users can upload malicious code as Jetpack

Categories

(Mozilla Labs :: Jetpack Prototype, defect, P2)

Product:
Mozilla Labs
Component:
Jetpack Prototype
Platform:
x86
All
Type:
defect

Tracking

(Not tracked)

Status:
VERIFIED FIXED

People

(Reporter: krupa.mozbugs, Assigned: ryansnyder)

Details

For now,there is no review process in place for uploaded Jetpacks.Users can potentially upload malicious code which can harm our users post-install. We should consider having a review process in place or at least run some validation tests.
Summary: [websites]:users can upload malicious code as Jetpack → [website]:users can upload malicious code as Jetpack
As close as it can be, while allowing for the stylistic differences between the Gallery and AMO, I would like to use the AMO UI format for user sign-off re: the install of experimental add-ons. This should replace the red screen of death before the initial release of the Gallery. For ref: https://addons.mozilla.org/en-US/firefox/addon/14975
Status: NEW → RESOLVED
Closed: 16 years ago
Priority: -- → P2
Resolution: --- → FIXED
There is a a checkbox which the user has to check before installing an unreviewed jetpack.Calling this bug fixed. Filed Bug 530559 regarding the checkbox.
Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.