Reporting and Nominating Bugs for Mozilla Firefox 1.0

Thursday April 29th, 2004

Ben Goodger writes: "We're beginning the drive to Firefox 1.0 and we need to make sure that every bug people think is important is filed in Bugzilla and has a blocking0.9? or blocking1.0? request flag set. This will allow the FDT (heh) to develop an action plan for the milestones between now and 1.0, prioritize bugs and so on. It's essential that people start doing this now, rather than later, otherwise bugs might slip through the cracks!" Further details are available in Ben's posting to the Firefox forums.

#44 Re: Re: Re: Re: Re: We are all wasting time, obvio

by bzbarsky

Friday April 30th, 2004 10:20 AM

You are replying to this message

> I don't know the technicalities of the extensions

Then why talk about their potential, if you don't know its limitations?

> What's missing right now is a good reference, tutorials.

No, what's missing is some way of making sure extensions don't step on each other's toes, some way of making sure that extensions don't open up gaping security holes (some do, right now), etc. Some work is being done on this (e.g. extension manager), but getting to the point where extensions are safe to install is a long way off.... at the moment, I'd only install an extension if the source has been audited by someone I trust (and since there is no one doing such audits, that means if I've read the source) or if I'm installing it on a build running in a chroot jail for testing putposes. This applies to both SeaMonkey and Firefox extensions...

Curently extensions are great for authors and very very dangerous for users, especially ones that don't really appreciate the dangers... Just like ActiveX controls, except you're usually discouraged from letting those run, while the Firefox crowd is very keen on urging people to install extensions (and some of the most-urged ones are some of the worst from the point of view of not stepping on other extensions and not opening security holes).