[conspire] People failing to learn about package gatekeeping, part 1
Rick Moen
rick at linuxmafia.com
Mon Apr 18 15:32:35 PDT 2022
Quoting Dire Red (deirdre at deirdre.net):
> Maybe it's because I've been on a browser team, but I don't consider
> that decision either surprising or shocking.
>
> There's no other way to manage cert revocation effectively (i.e., if
> you're permitting unsigned things, there's no way to axe something
> malicious because they could just use the unsigned variation), and
> you've got to have *something* in place that prevents extensions that
> were made by legit people that have, over time, gotten into the hands
> of shady people and therefore need to be mass disabled. Or things that
> were intended to be turned into malware, but weren't yet when the
> extension was initially signed/reviewed.
All easily understandable. What is _not_ is disallowing a local
administrative user to add his/her own signing key to the keychain
within Firefox whose signed extensions it will allow to load.
Of course, any distro _could_ maintain a local patch to retrofit that
ability -- and should.
More information about the conspire
mailing list