On Thu, Aug 27, 2015 at 02:28:48AM +0200, Reindl Harald wrote: > > Am 27.08.2015 um 02:21 schrieb Solomon Peachy: > >On Wed, Aug 26, 2015 at 05:53:36PM +0200, drago01 wrote: > >>A better solution would be to add a mechanism that allows you to use > >>your own signing keys. > >>That way you have both 1) install self built extensions and 2) the > >>added security. > > > >..and (3) a way for malware to install its own key, rendering (2) moot > > that would imply that malware running as root and then you have already lost > the whole game - pretty sure nobody meant "your own signing keys" writeable > by the user firefox is running I suspect even malware with user rights will be able to effectively manipulate the firefox binary using LD_PRELOAD or many other methods. Having a working sandbox implementation would improve security much better. Richard -- Name and OpenPGP keys available from pgp key servers
Attachment:
pgpoz6eYYHGAf.pgp
Description: PGP signature
-- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
