Closed Bug 815574 Opened 8 years ago Closed 8 years ago
Third party software installs plugins and modifies homepage and default search engine without user knowing
Summary: users must opt in for any changes brought about by third party applications, especially plugins. Until then they must remain turned off. It is a possible security breach. We need to have full control over it.

Now in more detail. It's a longstanding issue. I've had numerous third party apps that would silently install their plugins into Firefox and you wouldn't know that unless you open the plugins page. Not only should users be warned that a new plugin appeared, but this plugin must be disabled by default. It might be presented in a form like "Firefox has detected a new plugin and needs your permission to enable it. We care for your security" or similar. And maybe a checkbox to disable this behavior for those who don't want this additional precaution. Of course with an option somewhere to enable it.

E.g. Java, when it updates, re-enables its plugins and you find them turned on again, even if you disabled them before the update. Even updates of enabled plugins might require some kind of warning and enable/disable dialog.

Click-to-play is only a half-measure. It works fine for those plugins that require some content on the page to work. But what does Google Update do in Firefox as a plugin and does it really need any content on pages at all to be running?? I doubt so. When I heard of opt-in plugin activation I hoped for a more radical solution. Browsers just shouldn't enable plugins unless users confirm they want it.

There are numerous examples of it. Google installs its updater, I even got some plugins from a Wacom graphical tablet - without a sign of warning. I've no idea what many others did until I discovered them.

There are also apps that may change your start page or default search engine. I think these also must be protected in a similar manner. I think it is a good idea for Thunderbird and anything else that may have plugins.
You are running software with administrator privileges on your system (third party installers) and are wondering why this software can do everything on your system that it wants? Come on... The installer could for example replace Firefox.exe with Opera.exe and there is nothing that Firefox could do to prevent that.

The only valid point in this report is that there could be a warning if a new plugin gets installed in a similar way we do that with global extensions. That is however no guarantee that an installer couldn't work around and disable the warning. Some extensions already work around the new extension warning and there is nothing that we could do to avoid that except trying to block such extensions. Firefox offers in new version also a way to restore your keyword search URL in case it got changed.

Anyway, marking as dupe of bug 454769.

Note: Please don't protest against the duping because your report covers more than just bug 454769. Bug reports are required to contain one single issue and not several.
Status: UNCONFIRMED → RESOLVED
Closed: 8 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 454769
>And no action taken. Why?

short: We accept patches
long: Developers think that there are more important bugs to fix

>Isn't UAC designed to address this?

Read: https://developer.mozilla.org/en-US/docs/Gecko_Plugin_API_Reference/Plug-in_Basics#How_Gecko_finds_plug-ins

Plugins installed in the user directory are only visible for that user. Other entries require advanced privileges. A "user" account shouldn't have the privileges to write in these locations.

Plugins in general aren't active the whole time. They are only active if the browser gets a document with a mime-type back from an HTTP server that the plugin registered.