clinicfoki.blogg.se - Icecat resurfacer

#ICECAT RESURFACER INSTALL#
#ICECAT RESURFACER UPDATE#
#ICECAT RESURFACER SOFTWARE#

The check-sum check here is to make sure the users get the original, non-crafted extension.

A developer, wants to develop/modify extensions = OK (should use a FF developer edition).

A regular user, modified extension packaged by Fedora = FAILS.

A regular user, original extension packaged by Fedora = OK.

A regular user, only official extensions from AMO = OK.

A regular user, no extra extension = OK.

There are some scenarios and we need to make sure we understand the situation.

When there's a possibility to disable addons check-sum control, should it be a default option?.

When the addon is distributed by Fedora in rpm, why it needs to be modified/changed from its original state?.

Which is added value of Firefox addons packaged as rpm and shipped by Fedora?.

There are some questions which needs to be answered:

#ICECAT RESURFACER SOFTWARE#

That being said, in the specific case of Mozilla Firefox, I think our first course of action here needs to be that FESCo should craft a formal letter (possibly published publicly) on behalf of the Fedora Project to the Mozilla Foundation that expresses our concern, particularly that we feel that such mandatory DRM likely causes Firefox to cease qualification as "Free Software" and thus suitability for inclusion in Fedora and likely other Free Software operating systems. Which is to say, I can see one specific exception to the phrasing above, which is that I think it would be fine for Fedora to ship a package that required non-removable DRM if-and-only-if the DRM maintenance system was also provided and available in the Fedora repositories for the user to set up themselves (rather than under the control of a third-party). I don't think that Fedora should ever ship a package that requires DRM that is not in the user's control. I'll start by stating that I agree 95% with the top-level premise. If that is not possible within the Firefox trademark policies, the only option is to finally rebrand Firefox.

#ICECAT RESURFACER UPDATE#

(I would also recommend disabling enforcement by default where it exists, but that might be more controversial.)Īs an immediate action, any update to Firefox 44 must be blocked by FESCo unless the option to disable checking the signatures is reinstated.

There needs to be a Fedora-wide policy banning DRM schemes of this kind with no opt out. We should not allow programs packaged in Fedora to enforce such a signature mechanism on their own with no opt out. Even our own package signature mechanism can be disabled by a gpgcheck=0 setting, or even by just using RPM directly (which does not check signatures by default). We go through great lengths to allow the user to use modified software at his/her own discretion. (It also has the side effect of breaking all Firefox extensions packaged in Fedora, in a way that cannot be fixed without shipping binary blobs, in violation of our policy to build everything from source.) Such a DRM scheme should NOT be allowed in Fedora. As a results, this prevents the user from exercising the fundamental 4 freedoms of Free Software when it comes to Firefox extensions.

#ICECAT RESURFACER INSTALL#

This effectively amounts to an iOS-style DRM scheme, disallowing to install any extensions not coming from Mozilla. With the next release, Firefox 44, upstream is even removing the option to load unsigned extensions entirely. With the release of Firefox 43, Firefox has started refusing by default to load any extensions that are not signed.