OK so I guess its now safe to recommend fetching the addon from Mozilla’s servers since they are now all signed. It will be as simple as pointing it to where the custom rules file is installed.
I wonder if TBB makes any attempt to check signatures though… I know for freedom reasons signed extension support is dropped out of the Tor fork. I may have to check that out.
Sure, will do. New build in process btw. There will be a new thread in the development sub forum.
Please move that into a separate thread.
Disabling that by default would be outrageous. I doubt that. Last time when I fixed the FoxyProxy template, I needed to disable it, because extensions installed as a deb package were ignored because of this.
I testet TBB hardened with foxyproxy and neither of the options seem to work , when i installed it via the Addon-manager it said i should restart TBB to enable it but after a restart it keeps saying this.
I never got a reply for my first post but sent an update with testing results.
Meanwhile I think the best solution is to recommend @goldstein’s work around of disabling sig verification to get the old unsigned version on Jessie to work until Stretch is released. I think by Stretch foxyproxy should include the Mozilla sig and this would no longer be needed.
Since we had the issue the foxyproxy installed from packages.debian.org did not work, we can be pretty sure that Tor Browser does add-on signature checking just like Firefox. (xpinstall.signatures.required)
Our trouble of installing add-ons from addons.mozilla.org is most likely not related to xpinstall.signatures.required. An add-on would either never be listed in Firefox’s add-on manager or labeled as deactivated due to failed signature check.
I speculate, that Tor Browser is doing something to prevent users from the installation of add-ons which we can hopefully disable.