Avatar for Username

Vyhľadajte odpoveď

Vyhnite sa podvodom s podporou. Nikdy vás nebudeme žiadať, aby ste zavolali alebo poslali SMS na telefónne číslo alebo zdieľali osobné informácie. Nahláste prosím podozrivú aktivitu použitím voľby “Nahlásiť zneužitie”.

Learn More

Táto téma bola archivovaná. Ak potrebujete pomôcť, založte prosím novú otázku.

I am trying to determine which preference were either deleted or changed for the purpose of locking them down per DOD STIGs.

  • 3 odpovede
  • 1 má tento problém
  • 47 zobrazení
  • Posledná odpoveď od imbatman14rs

imbatman14rs
imbatman14rs
more options

I no longer see the following preferences and need to know if they were straight out deleted or are encompassed by another preference(s):

signon.prefillForms privacy.ite.history privacy.sanitize.promptOnSanitize browser.download.dir xpinstall.enabled security.warn_leaving_secure security.enable_tls security.enable_ssl2 security.enable_ssl3

I no longer see the following preferences and need to know if they were straight out deleted or are encompassed by another preference(s): signon.prefillForms privacy.ite.history privacy.sanitize.promptOnSanitize browser.download.dir xpinstall.enabled security.warn_leaving_secure security.enable_tls security.enable_ssl2 security.enable_ssl3

Vybrané riešenie

security.enable_ssl3 was replaced by the security.tls.version.min and security.tls.version.max preferences. http://kb.mozillazine.org/Security.tls.version.*

security.tls.version.min is set to 1 at default which disables SSL3. SSLv3 was disabled by default as of Firefox 34 and later.

https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/

security.warn_leaving_secure do not have an effect any longer as of Firefox 19.0 ... Bug 799009 - Remove support for obsolete SSL-related warning prompts

Bug 469158 - Remove the 'privacy.sanitize.promptOnSanitize' preference

The xpinstall.enabled pref is only present on the about:config page when you add it yourself. When absent then it defaults to true.

Čítať túto odpoveď v kontexte 👍 0

Všetky odpovede (3)

John99
John99
more options

You will probably get better and more relevant advice if you try our Mozilla security forum

You probably should mention which DOD STIG you are trying to follow

If you post a question please reply here with a link to the post so we may follow your progress.

Thanks

James
James
  • Top 25 Contributor
  • Moderator
more options

Vybrané riešenie

security.enable_ssl3 was replaced by the security.tls.version.min and security.tls.version.max preferences. http://kb.mozillazine.org/Security.tls.version.*

security.tls.version.min is set to 1 at default which disables SSL3. SSLv3 was disabled by default as of Firefox 34 and later.

https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/

security.warn_leaving_secure do not have an effect any longer as of Firefox 19.0 ... Bug 799009 - Remove support for obsolete SSL-related warning prompts

Bug 469158 - Remove the 'privacy.sanitize.promptOnSanitize' preference

The xpinstall.enabled pref is only present on the about:config page when you add it yourself. When absent then it defaults to true.

imbatman14rs
imbatman14rs Autor otázky
more options

Thank you John99 and James.