Avatar for Username

Pesquisar no apoio

Evite burlas no apoio. Nunca iremos solicitar que telefone ou envie uma mensagem de texto para um número de telefone ou que partilhe informações pessoais. Por favor, reporte atividades suspeitas utilizando a opção "Reportar abuso".

Learn More

Esta discussão foi arquivada. Se precisar de ajuda, por favor, coloque uma nova questão.

I am trying to determine which preference were either deleted or changed for the purpose of locking them down per DOD STIGs.

  • 3 respostas
  • 1 tem este problema
  • 47 visualizações
  • Última resposta por imbatman14rs

imbatman14rs
imbatman14rs
more options

I no longer see the following preferences and need to know if they were straight out deleted or are encompassed by another preference(s):

signon.prefillForms privacy.ite.history privacy.sanitize.promptOnSanitize browser.download.dir xpinstall.enabled security.warn_leaving_secure security.enable_tls security.enable_ssl2 security.enable_ssl3

I no longer see the following preferences and need to know if they were straight out deleted or are encompassed by another preference(s): signon.prefillForms privacy.ite.history privacy.sanitize.promptOnSanitize browser.download.dir xpinstall.enabled security.warn_leaving_secure security.enable_tls security.enable_ssl2 security.enable_ssl3

Solução escolhida

security.enable_ssl3 was replaced by the security.tls.version.min and security.tls.version.max preferences. http://kb.mozillazine.org/Security.tls.version.*

security.tls.version.min is set to 1 at default which disables SSL3. SSLv3 was disabled by default as of Firefox 34 and later.

https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/

security.warn_leaving_secure do not have an effect any longer as of Firefox 19.0 ... Bug 799009 - Remove support for obsolete SSL-related warning prompts

Bug 469158 - Remove the 'privacy.sanitize.promptOnSanitize' preference

The xpinstall.enabled pref is only present on the about:config page when you add it yourself. When absent then it defaults to true.

Ler esta resposta no contexto 👍 0

Todas as respostas (3)

John99
John99
more options

You will probably get better and more relevant advice if you try our Mozilla security forum

You probably should mention which DOD STIG you are trying to follow

If you post a question please reply here with a link to the post so we may follow your progress.

Thanks

James
James
  • Top 25 Contributor
  • Moderator
more options

Solução escolhida

security.enable_ssl3 was replaced by the security.tls.version.min and security.tls.version.max preferences. http://kb.mozillazine.org/Security.tls.version.*

security.tls.version.min is set to 1 at default which disables SSL3. SSLv3 was disabled by default as of Firefox 34 and later.

https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/

security.warn_leaving_secure do not have an effect any longer as of Firefox 19.0 ... Bug 799009 - Remove support for obsolete SSL-related warning prompts

Bug 469158 - Remove the 'privacy.sanitize.promptOnSanitize' preference

The xpinstall.enabled pref is only present on the about:config page when you add it yourself. When absent then it defaults to true.

imbatman14rs
imbatman14rs Proprietário da pergunta
more options

Thank you John99 and James.