How can I set option security.enterprise_roots.enabled to false? It's locked
Hello. I have KIS (antivirus). I have disabled all MITM options at settings. But FF set and locked security.enterprise_roots.enabled to true. How can I set option security.enterprise_roots.enabled to false?
Chosen solution
Okay, time to search for Autoconfig files.
Could you check for alien script files in your Firefox program folder? In particular, in these locations (varies for 32-bit / 64-bit):
- C:\Program Files\Mozilla Firefox\defaults\pref
- C:\Program Files (x86)\Mozilla Firefox\defaults\pref
Caution: Do not double-click script files! The default action for a script file it to execute as a Windows system script. (Typically this would just not work, but why risk it.)
Make sure Windows is showing hidden files: https://support.microsoft.com/en-us/help/14201/windows-show-hidden-files
A file named channel-prefs.js is normal. Any other file in this folder is suspicious and could be used to lock preferences. Remove any such files to a neutral location for further analysis at your leisure. You can rename the file with a .txt extension and examine it for the name of another file that contains the locking code.
More info:
Read this answer in context 👍 1All Replies (7)
Are you using Firefox in a "managed" environment with an IT department?
If yes, please check with them on whether they implemented that setting.
If no, please check the following page:
Type or paste about:studies into the address bar and press Enter to load that internal page. Are you part of the study about security software and certificates? If so, you should find a way to exit the study, and hopefully that will unlock the preference.
Any progress?
See also: About Studies
You can check the about:policies#active page in Firefox 63+ to see if there are policies active.
jscher2000 said
Are you using Firefox in a "managed" environment with an IT department? If yes, please check with them on whether they implemented that setting. If no, please check the following page: Type or paste about:studies into the address bar and press Enter to load that internal page. Are you part of the study about security software and certificates? If so, you should find a way to exit the study, and hopefully that will unlock the preference. Any progress? See also: About Studies
I use FF on my PC at home. I'm not part of the study.
cor-el said
You can check the about:policies#active page in Firefox 63+ to see if there are policies active.
Here is empty.
Chosen Solution
Okay, time to search for Autoconfig files.
Could you check for alien script files in your Firefox program folder? In particular, in these locations (varies for 32-bit / 64-bit):
- C:\Program Files\Mozilla Firefox\defaults\pref
- C:\Program Files (x86)\Mozilla Firefox\defaults\pref
Caution: Do not double-click script files! The default action for a script file it to execute as a Windows system script. (Typically this would just not work, but why risk it.)
Make sure Windows is showing hidden files: https://support.microsoft.com/en-us/help/14201/windows-show-hidden-files
A file named channel-prefs.js is normal. Any other file in this folder is suspicious and could be used to lock preferences. Remove any such files to a neutral location for further analysis at your leisure. You can rename the file with a .txt extension and examine it for the name of another file that contains the locking code.
More info:
jscher2000 said
Okay, time to search for Autoconfig files. Could you check for alien script files in your Firefox program folder? In particular, in these locations (varies for 32-bit / 64-bit):Caution: Do not double-click script files! The default action for a script file it to execute as a Windows system script. (Typically this would just not work, but why risk it.) Make sure Windows is showing hidden files: https://support.microsoft.com/en-us/help/14201/windows-show-hidden-files A file named channel-prefs.js is normal. Any other file in this folder is suspicious and could be used to lock preferences. Remove any such files to a neutral location for further analysis at your leisure. You can rename the file with a .txt extension and examine it for the name of another file that contains the locking code. More info:
- C:\Program Files\Mozilla Firefox\defaults\pref
- C:\Program Files (x86)\Mozilla Firefox\defaults\pref
I found it: // kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js pref("general.config.obscure_value", 0); pref("general.config.filename", "kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg");
kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg has lock flag for the option. I tried to remove or clean it. But when I start FF, it is filled again. I cleared it and removed the rights to edit the file. Now everything is all right.
Eucking Kaspersky! The best idea is to remove it.
Thank a lot. Problem was solved.
Option select "Use Mozilla certificate store" also helps, even if the "Scan secure traffic in Mozilla applications" is disabled.