Can Firefox work with a read-only prefs.js?
Lucas Malor
account. I think a simple solution is to set prefs.js with only read
privileges for the users OS account. Will Firefox work this way?
Terry R.
Lucas Malor pounded out on the keyboard:
> I would prevent users to do unwanted modifications to a shared Firefox
> account. I think a simple solution is to set prefs.js with only read
> privileges for the users OS account. Will Firefox work this way?
Hi Lucas,
Did you try it?
I just set my prefs.js file to RO and ran FF. It loaded and ran. But
since there are many other files that are written to in a profile, I
don't know whether you could run it repeatedly without causing issues.
You may have to test it on a particular workstation for an extended
period of time to be sure.
Terry R.
--
Anti-spam measures are included in my email address.
Delete NOSPAM from the email address after clicking Reply.
g
what do you want to share, bookmarks or configurations?
if bookmarks, export them a to common folder, or use a link to other users
with their own profile.
if configurations, forget it. there are some things that need to change and
you will have to be constantly changing write protection. you may have
firefox work for a while, but you will find in time, there will be problems.
to see what changes in just 'prefs.js', open it with notepad and run a fine
for 'last'. that will show you why it is updated after each use.
--
peace out.
tc,hago.
g
.
****
in a free world without fences, who needs gates.
**
help microsoft stamp out piracy - give linux to a friend today
**
to mess up a linux box, you need to work at it;
to mess up an ms windows box, you just need to *look* at it.
**
learn linux:
'Rute User's Tutorial and Exposition' http://rute.2038bug.com/index.html
'The Linux Documentation Project' http://www.tldp.org/
'LDP HOWTO-index' http://www.tldp.org/HOWTO/HOWTO-INDEX/index.html
'HowtoForge' http://howtoforge.com/
****
Fox on the run
Create a file called user.js (see http://kb.mozillazine.org/User.js_file)
and configure any static settings in there. A user will still be able
to change settings in prefs.js, however settings in user.js will
overwrite those changes on shutdown so that your defaults are
restored. Note that settings not controlled by user.js will retain
changes. In other words if you don't hard code the homepage in
user.js but you do hardcode popup blocker settings, any changes to the
popup blocker settings will be reversed by the settings in user.js.
But any changes to the homepage settings will be retained because that
setting is not hard coded in user.js.
JB
David McRitchie
I believe he wants to prevent users from making changes.
The keyword for this type of operation is "kiosk" use it in searching
Google or addons. I think he is trying to make something smaller though.
Gets confusing with multiple threads, but I think he things this should be
a separate question. He referred to this thread elsewhere
How to block unwanted changes in a shared profile?
http://forums.mozillazine.org/viewtopic.php?t=1287715
Lucas Malor
>
> I believe he wants to prevent users from making changes.
> The keyword for this type of operation is "kiosk" use it in searching
> Google or addons. I think he is trying to make something smaller though.
Exactly. I don't want to have a real kiosk mode. I would only to
prevent bad changes to prefs.js. User.js is an optimal solution, but
Firefox prefs are more than 1 thousand. I can't search in Mozillazine
for every pref to see if it can be included in user.js safely or not.
For what I see Firefox _seems_ not to need prefs.js for its routines,
update apart. So if I set prefs.js as read-only Firefox should work
well until it will be updated. Do you confirm this?
If this is true, IMO "app.update.lastUpdateTime" datas should be moved
out of prefs.js. Furthermore they are not "real" preferences, but data
logs. What do you think about?
David McRitchie
No idea of what your idea of safely means. Maybe because I didn't go back to original question.
I just looked at your original request. Your users is not really defined.
Who are they and who are you. What kind of control do you have over
them. Are they on a network and you the administrator or are you just
acting in an advisory capacity or do you actually have to protect something.
If you are protecting a network you probably want to have policy stuff and
that probably goes somewhere out of sight of users. Not my bailiwick.
Don't know if app.update.lastUpdateTime belongs in prefs.js or not, but prefs.js
is not where you should be changing things. All I really care about is that stuff works.
Here is a bugzilla search and at least
some would share your opinion -- perhaps they have the same interest as you.
https://bugzilla.mozilla.org/buglist.cgi?query_format=specific&order=relevance%20desc&bug_status=__all__&product=Firefox&content=app.update.lastUpdateTime
I doubt that you should make prefs.js as read-only, would think it would make
a mess of profile, but it would prevent changes from becoming permanent.
I assume you know difference between prefs.js and a user created user.js
I change everything I find on my machine from hidden files, and from read-only,
only problem I had with that was an Opera file.
http://www.mvps.org/dmcritchie/excel/backup.htm
You can make policy changes in the user.js that can't be changed through
about:config and do not show up in about:config so would be confusing:
// vulerability http://grandstreamdreams.blogspot.com/
// http://www.theregister.co.uk/2007/02/15/firefox_vuln/
// http://www.h-online.com/security/Cross-site-scripting-hole-in-Firefox--/news/85364
user_pref("capability.policy.default.Location.hostname.set", "noAccess");
You should be aware of the following which I give a keyword of "aboutconfig:"
similar to "about:config" so that I can use a browser FIND within the document.
http://kb.mozillazine.org/About:config_entries
This extension provides a context menu item for items in about:config
that shows up as "Google name" and works well even though there
is not site: reference in the search because it usually is the first hit.
roachfiend.com � firefox extensions
http://roachfiend.com/archives/category/extensions/.
Some values I had in my prefs.js
http://www.mvps.org/dmcritchie/firefox/code/prefs.txt
and in my user.js
http://www.mvps.org/dmcritchie/firefox/code/user.txt
used to have them get automatically updated, but not anymore
they might be what I had in Fx2.
a list that I used with a presentation were in
http://www.mvps.org/dmcritchie/firefox/lessons/intro/user_js.txt
Extension to bring up profile directory, not marked but may be Windows only.
Open Profile Folder :: Add-ons for Firefox
https://addons.mozilla.org/en-US/firefox/addon/545
For a source comparison of anything you can see in browser
It has to be opened in Firefox Right-click to open if Firefox if not defaulted.,
like for .js where it is not defaulted like .html or .txt is from Friefox.
PageDiff :: Add-ons for Firefox
https://addons.mozilla.org/en-US/firefox/addon/4274
--
HTH,
David McRitchie, extensions I use are briefly documented on my site
Firefox Custom: http://www.mvps.org/dmcritchie/firefox/firefox.htm
Lucas Malor
>
> I just looked at your original request. Your users is not really defined.
> Who are they and who are you. What kind of control do you have over
> them. Are they on a network and you the administrator or are you just
> acting in an advisory capacity or do you actually have to protect something.
I'm the supervisor of a PC room of my university. I am the admin, PCs
are on net and I'm interested not only in security, but also to avoid
modifications that make Firefox unusable.
> You can make policy changes in the user.js that can't be changed through
> about:config [...]
I already set some preferences in user.js and I disabled tools-
>options and about:config. But this does not prevent an user to set a
preference not present in user.js, modifing prefs.js manually. I can
add some preference I know and some of those you suggest me, but what
if I miss something? And what if Firefox will introduce another
problematic preference in a future?
It seems a similar problem was raised here:
https://bugzilla.mozilla.org/show_bug.cgi?id=408156