Is using Paxmod secure? #73
Comments
|
Great question!
Back in the days, Firefox addons were running with full privileges, that is, full access to the system. Today, addons are WebExtensions which run isolated from each other and with little powers by default. For advanced privileges, the browser provides a set of specific APIs for which addons must request individual permission. Even though the APIs themselves are fully privileged, they only export some carefully designed "secure" API methods for addons to use. Since, famously, there is no built-in UI modifcation API, Paxmod supplies two new APIs itself, and you can see which API functions they expose to the WebExt in their respective schemas here and here. As I see it, only the However, keep in mind that Paxmod fetches updates automatically from this Github repo. If one day I turn evil, or someone gains push access to this repo, they could add malicious code to the API implementation, delivered to your machine with the next auto update. (In contrast, a malicious update to a regular FF addon would remain restricted to the builtin APIs [those which the user has granted access to] and couldn't just compromise your system.) If that is a concern to you, the best practice is to disable auto updates for Paxmod (at TL;DR The bundled APIs, as they are written and used, don't add much exposure. But you need to trust future updates, or review them before installation. |
|
Thanks! I'll install it and try it out later. You can go ahead and close this, but may I suggest adding either the text or a link to it to the FAQ. |
|
I added a note in the readme's FAQ section. |
I'm interested in trying this out, since the lack of TMP is the main thing holding me back from using Firefox, but since it uses its own API, which manipulates Firefox, I'm wondering if that might be opening it up to exploits. IOW, could your custom API possibly be opening the browser up to attacks?
The text was updated successfully, but these errors were encountered: