Unable to install unsigned extensions

Question

Unable to install unsigned extensions

Closed this issue 5 months ago · 14 comments

Even after setting "xpinstall.signatures.required" to "false" in "about:config" I was not able to install an unsigned extension, which I used previously on LibreWolf using the same setting.

Answer 1 · 2022-12-10T16:23:13.000Z

Hey :) this is caused by line, which I already contemplated removing in the past.

Answer 2 · 2022-12-11T20:57:51.000Z

Thanks. I changed the line and compiled it myself. Now it works.

export MOZ_REQUIRE_SIGNING=

Interestingly removing the line didn't work, apparently it defaults to 1. And 0 is not a valid value.

EDIT: For all interested: AUR-Package available here and CI-Builds available here.

Answer 3 · 2022-12-23T15:53:57.000Z

FYI, since this is a security relevant change, I would not mind maintaining my own fork. I would not want to risk opening this potential security hole in a browser that is installed by default on all computers running Garuda Linux.

Answer 4 · 2022-12-24T07:51:10.000Z

@stefanwimmer128 is that really the only way?
https://bugs.gentoo.org/802285#c1
https://bugs.archlinux.org/task/63075

Answer 5 · 2022-12-24T08:10:40.000Z

@Technetium1 Not sure, ultimately it's up to the maintainer to decide whether it's safe to remove the extension signing requirement.
I'm just offering to maintain my own fork - which I'm already doing to make manually building it easier (AUR, CI-Builds) -, in case it is not feasible to change it for all users.

Answer 6 · 2022-12-24T08:40:33.000Z

Looks like the flag can be altered such that you can install unsigned extensions into the install dir though?

Answer 7 · 2022-12-24T19:32:58.000Z

Firedragon already includes the flag --with-unsigned-addon-scopes=app,system and it does work, but it only allows installing unsigned extensions by manually putting them in /usr/lib64/firefox/browser/extensions. What I need is to be able to install them for a single profile in about:addons using the Install Add-on From File...-Option. For that I only found the solution provided by dr460nf1r3.

But I realize this is a very specific use case, which is why I really wouldn't mind maintaining my own fork.

Answer 8 · 2022-12-25T07:51:16.000Z

Sounds good to me!

Answer 9 · 2023-02-01T21:12:35.000Z

Eh I noticed you actually did it. Nice to see! :)

Answer 10 · 2023-10-14T13:31:40.000Z

Could we please get this in the main package,
it feels very silly having to spend way more time compiling a separate build of a browser, specificly for installing a thrown together addon.

Answer 11 · 2023-10-14T14:30:37.000Z

Compiling is not necessary since the package is either available prebuilt as firedragon-unsigned-extensions-bin or in my own repository or can be manually downloaded from my GitLab.

Answer 12 · 2023-10-14T14:56:48.000Z

Still, extensions are a basic function, they shouldn't need a special version of a browser.
although thanks for pointing out there's a -bin package, i do need it

Answer 13 · 2024-02-15T09:10:51.000Z

Latest versions now allow installation of unsigned extensions by default.

Answer 14 · 2024-02-15T10:23:49.000Z

Yes indeed, thanks for taking care!