> Both of those things (unsigned plugins causing permanent warnings and/or only being enabled for a developer edition) happen because not doing them means leaking open the one last (huge) hole malware can infect computers through
Modern operating systems have a concept of users, groups of users and dedicating one of these to the role of administrator. I see no problem in not enforcing signing rule for the extensions installed by administrator (at system-wide locations, not user profile) - they are read only for the rest of the users anyway, so they couldn't be installed by drive-by malware. Power users are happy, naive users are protected.
If there is a malware that looks like installed by administrator, you have much bigger problems anyway. That malware could patch the firefox binary in the same way as it could deploy the extension, so you gained exactly nothing.
But the current situation just makes power users unhappy. This policy killed some extensions that were shipped by Linux distributions.
Modern operating systems have a concept of users, groups of users and dedicating one of these to the role of administrator. I see no problem in not enforcing signing rule for the extensions installed by administrator (at system-wide locations, not user profile) - they are read only for the rest of the users anyway, so they couldn't be installed by drive-by malware. Power users are happy, naive users are protected.
If there is a malware that looks like installed by administrator, you have much bigger problems anyway. That malware could patch the firefox binary in the same way as it could deploy the extension, so you gained exactly nothing.
But the current situation just makes power users unhappy. This policy killed some extensions that were shipped by Linux distributions.