Currently components.list is stored as plain ASCII text without any checks on it. We should either lightly encode it (via XOR) or store a hash of its contents somewhere to make it more resistant to casual fiddling. The intent is not to try to stop malware, but just misguided individuals who think dropping code into components/ is a valid extension mechanism.
We now only have a binary.manifest in the components directory. On Windows I am pretty sure we can make the shell service part of browsercomps.dll a JS component with a little use of ctypes. It also has an entry for binary-component xpcomsample.dll. I personally think getting rid of the components directory entirely should be the next goal instead, which would also remove the requirement for a chrome.manifest in the application directory, since it only has manifest components/binary.manifest.
That sounds like a good idea, but that wouldn't prevent third parties from dropping their own crud in our install directory, right? Unless we have some magic flag that indicates that we don't actually need to look for a chrome.manifest.