Re: userChrome.css will not be supported indefinitely
- Date: Wed, 31 Jan 2018 22:11:05 -0500
- From: B00ze <B00ze64@xxxxxxxxxxx>
- Subject: Re: userChrome.css will not be supported indefinitely
On 2018-01-31 11:34, WaltS48 <WaltS48@xxxxxxxxxxxxxxxxx> wrote:
On 1/31/18 11:11 AM, Caver1 wrote:
On 01/31/2018 10:11 AM, WaltS48 wrote:
On 1/31/18 9:53 AM, Ed Mullen wrote:
On 1/30/2018 at 2:30 PM, WaltS48 created this epitome of digital
On 1/30/18 2:22 PM, Ed Mullen wrote:
On 1/30/2018 at 2:17 PM, WaltS48 created this epitome of digital
On 1/30/18 2:01 PM, Wolf K wrote:
On 2018-01-30 13:06, Ed Mullen wrote:
On 1/30/2018 at 1:01 PM, Caver1 created this epitome of digital
"The functionality of userChrome.css will not be supported,
for the same reasons that we removed support for legacy themes."
I just uttered language I cannot post here.
I bet I had the same thoughts.
So, you all want somebody to hack into your userContent.css, or
userChrome.ccs files and hijack your Firefox.
Oh, c'mon! Just how are they going to do that?
The same way they could with Complete Themes I guess.
Hack into your computer, edit the files and save them. Or maybe
completely replace them.
The next time you open Firefox, it doesn't look like you last used it.
"Hack into your computer ..." is the key to why there is little to
worry about concerning this. How's someone going to hack into my PC
by my visiting a web site? Pure FUD.
"Mozilla has released Firefox 58.0.1 to fix a security issue that was
hiding in the browser's UI code and would have allowed an attacker to
run code on the user's computer, allowing a quick and easy path to
delivering malware or even taking over the entire PC."
And this has something to do with .css?
Not a thing, other than a security issue that could be hiding in the
browser's UI code that allows an attacker to run code on the user's
computer allowing a quick and easy path to the .css files.
I'll concede to being the most stupid idiot here.
Walt is right. I -LIKE- userChrome, but it is probably a small
vulnerability; some whizkid can probably find a way to mess with you
using it. Some bad addOns were recently discovered, for example, that
were intercepting about:addOns to prevent you from removing them. They
might be able to use userChrome to do something similar, like hiding the
"remove" buttons inside the about:addOns page...
! _\|/_ Sylvain / B00ze64@xxxxxxxxxxx
! (o o) Member:David-Suzuki-Fdn/EFF/Red+Cross/SPCA/Planetary-Society
oO-( )-Oo Ah forget the docs, just see if it blows up!
general mailing list