Opened 6 years ago

Closed 5 years ago

#6021 closed defect (wontfix)

disable addons

Reported by: proper Owned by: ioerror
Priority: Very High Milestone:
Component: Applications/TorBirdy Version:
Severity: Keywords:
Cc: proper, mikeperry Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

There are a few addons installed on Ubuntu by default installation.

  • EDS Contacts Integration for Thunderbird
  • Global Menu Bar integration
  • Messaging Menu and Unity Launcher integration

Some of them might be risky.

For example "Messaging Menu and Unity Launcher integration" syncs with the Evolution Data Server (EDS). And the EDS possibly syncs with Google and/or Ubuntu One. (source of that information)

Contacts from Thunderbird/TorBirdy should not be uploaded and stored unencrypted in any cloud.

My suggestions is, do it like TorButton, deactivate most addons. Perhaps with the exception of enigmail (#6019) and mixgui (#6020). Allow users to override the function, at least through an about:config setting.

Child Tickets

Change History (5)

comment:1 Changed 5 years ago by ioerror

Cc: mikeperry added

I think this is a good idea - can we just use the code from TorButton Mike?

comment:2 Changed 5 years ago by mikeperry

There's no example code in Torbutton for this, sadly. We disable plugins from Torbutton, not addons. However, it does look like APIs exist for this. You can register "changes" to take effect upon Thunderbird restart via the AddonManager.addStartupChange() call. See https://developer.mozilla.org/en-US/docs/Addons/Add-on_Manager/AddonManager#addStartupChange%28%29 and https://developer.mozilla.org/en-US/docs/Addons/Add-on_Manager/AddonManager#Startup_change_types

You probably can then even cause a force-restart of Thunderbird to make the changes take effect, though I'm not sure of the API for that off-hand.

comment:3 Changed 5 years ago by sukhbir

Hi Mike,

Is there any particular reason why you disable plugins but not addons in Torbutton?

comment:4 Changed 5 years ago by mikeperry

Several. Here's the top 5:

  1. Unlike plugins, addons tend not to be available to be used by random websites to do random things.
  2. Even when they do interact with websites, web pages, and web services, they always obey browser proxy settings (unless they are actively malicious themselves).
  3. Users would hate us. They installed their addons because they wanted them, and suddenly some/all of their other addons are magically disabled because they installed ours? I suppose we could ask first, but:
  4. Scope. I didn't want to get into the business of auditing thousands of addons.
  5. This is why we now ship TBB with our fixed set instead of relying only on Torbutton. However, I still think it is a good idea to let users install arbitrary addons of their choice, even into TBB.

comment:5 Changed 5 years ago by sukhbir

Resolution: wontfix
Status: newclosed

Thanks Mike! I had decided that we will block each add-on and then give the user an option to unblock them (when TorBirdy runs for the first time) if they desire. But I guess it seems like an overkill. What we should probably do is just warn the user that they are unsafe if they use an add-on that we have not tested/ we don't recommend.

Note: See TracTickets for help on using tickets.