Web lists-archives.com

Re: ping Walt, bug about add-on verification override

On 2/8/2017, 7:55:16 PM, Caver1 <caver1@xxxxxxxxxxxx> wrote:
> On 02/08/2017 07:52 PM, WaltS48 wrote:
>> On 02/08/2017 07:41 PM, Caver1 wrote:
>>> On 02/08/2017 05:23 PM, WaltS48 wrote:
>>>> On 02/07/2017 07:32 PM, Caver1 wrote:
>>>>> On 02/07/2017 06:14 PM, »Q« wrote:
>>>>>> FYI.  Walt, in m.s.f you recently talked about filing a bug about the
>>>>>> fact that Fx can be configured not to verify add-ons.  I did file a bug
>>>>>> on it, which was eventually marked a dupe of a hidden bug.  That one's
>>>>>> been unhidden now,
>>>>>> <https://bugzilla.mozilla.org/show_bug.cgi?id=1292444>.  I won't try to
>>>>>> summarize -- I think to get a grip on the problem and what they might
>>>>>> do about it, you gotta read it through and chase the links to other
>>>>>> bugs, especially paying attention to Kaply's comments.
>>>>> Why is that a bug?
>>>> Disabling security, as indicated by the RESOLVED:DUPLICATE status of Q's
>>>> bug as a duplicate of the previously hidden ACCESS DENIED bug 1292444.
>>>> Any bug a user sees as ACCESS DENIED is a security vulnerability.
>>> In the Eyes of the beholder. It's up to the user. I have been using said
>>> extensions for years with no security problems. If I want/need to use
>>> them then I have the choice to do so which harms no one.
>> Bullshit.
> Why do you say Bullshit? Not a very convincing argument.

I had to read your comment and his reply twice, but I think you

Walt said that any bug that you go try to view in bugzilla is a security
vulnerability - that is why it is 'hidden'.

I think you are arguing about the ability to override the verification
of Addons.

Two completely different things.
general mailing list