lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Wed, 1 Mar 2006 16:54:39 -0600
From: Michael Ekstrand <lists@...hack.net>
To: bugtraq@...urityfocus.com
Subject: Re: Evil side of Firefox extensions


On Wed, 01 Mar 2006 21:12:28 +0100
"azurIt" <azurit@...ox.sk> wrote:
> I was primary talking about the internet clubs. FFsniFF was tested on
> _one_ computer in local internet club: About 30 sniffed accounts
> (mostly mail and chat accounts) in two days.
> There are also another ways how extensions can be installed into your
> browser. For example by a some kind of viruses.
> 
> The only thing which I wanted to say is that there should be a way
> how to disallow installation of extensions by anyone.

A few solutions here, without modifying firefox:

First, some kinda of disk-clean-on-reboot thing, and reboot regularly
(if not every time someone's done using the machine). Practical in some
places (university computer labs), not in others (might cause problems
in a club).

A practical revision of that: have the Firefox launch icon launch
Firefox from a freshly-copied, pristine profile. Every time Firefox
closes, the profile gets wiped and reinstated on its next run. This can
be done securely - the profile could even reside in a PGP-signed ZIP
file that gets unpacked on app launch. Or, on certain *Nix systems
(esp. OpenBSD), a clever use of auto-erased union mounts could do the
trick.

Second idea: more fine-grained locking of the permissions on the
Firefox profile directories. Deny the kiosk user permission to write to
the extensions directory in the firefox profile, but let them write to
the cache, etc. The fresh-profile solution is probably better though.

It may be useful for Firefox to have a "kiosk" mode where extensions,
preferences, etc. are locked; however, a lot of this can be achieved
with a fresh profile each startup.

- Michael

-- 
mouse, n: a device for pointing at the xterm in which you want to type.
                -- Fortune

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ