Normandy can remotely change the functionality and behavior and preferences of Firefox installations, though. It can silently install extensions which may not be listed at about:addons. I agree that is not remote root access (not immediately, anyway), but the fact that such a powerful remotely controllable feature is enabled by default, without the user asked for explicit opt-in, is still very troubling from my perspective. And so is your response, I might add.
-- You received this bug notification because you are a member of Desktop Packages, which is subscribed to firefox in Ubuntu. https://bugs.launchpad.net/bugs/1827717 Title: Normandy remote control should be disabled by default Status in firefox package in Ubuntu: Opinion Bug description: While sure useful as a way to remedy the add-on intermediate signing certificate expiry issue Mozilla has created (https://bugzilla.mozilla.org/show_bug.cgi?id=1548973), I really think Normandy should be disabled in Ubuntu by default: Normandy is a collection of servers, workflows, and Firefox components that enables Mozilla to remote control Firefox clients in the wild based on precise criteria. https://mozilla.github.io/normandy/ Reasoning: Software installed via APT should have defined states, software should not be allowed to change itself, unless the user has actively chosen to enable such functionality and this functionality points out, for the user, that it has this capability. The current default preference (per about:config) is: app.normandy.enabled;true To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1827717/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
