1p extension not working for Firefox Developer Edition 88.0b9 (64-bit)
When attempting to unlock the 1password beta extension I'm getting a blocking message that says Firefox needs to be updated even though I am already on the latest available Developer Edition (version 88.0b9 as of this writing)
1Password Version: 0.9
Extension Version: 1.25.3
OS Version: pop_os 20.10
Sync Type: 1password
Comments
-
0
-
Hey @coldlogic ,
Thanks for reporting this.I asked some of our developers to take a look at this when they can and see if they can shed some light on the matter. Until they do, can you please grab the extension's log for us: https://support.1password.com/cs/extension-console-log/
If there are any accounts UUIDs in the logs, feel free to censor them out.
0 -
Hey @coldlogic ,
Did you get Firefox from an apt repo? if not, it might not have the right permissions (or at least, right enough for us).
If that is the case, please locate your Firefox's installation folder (e.g. ~/.local/apps/firefox ) , then cd into it and run:sudo chown -R root:root ~/.local/apps/firefox && sudo chmod 755 ~/.local/apps/firefox/firefox-bin
Restart Firefox afterwards and see if that helped.
0 -
@ag_yaron Thank you for the tips! I had downloaded Firefox directly from Mozilla's website and installed it in my home directory.
I moved it into
~/.local/apps/firefox
and changed the ownership to root and that seems to have done the trick. Works like a charm now.0 -
That's great, I'm happy to hear everything is working properly :+1:
0 -
So I ran into this same problem on Linux (and was confused up until seeing this post since this works fine on Windows and Mac). I'm not entirely happy with this solution, since I don't want the superuser owning a directory in my own home directory. Is there a reason why 1password wants firefox to be in a specific directory and owned by root? Is there any way it can be configured to allow being owned by the person who owns the running process? I can see how this could be used as an attack vector (run some copy of firefox some other user installed and you can't trust it), but I don't see the harm in running a copy of firefox which I installed myself in my own directory and owned by my user.
0 -
Thanks for writing in @LeighK, and I appreciate you highlighting this concern over security!
This issue is popping up because 1Password is unable to verify the binary permissions for Firefox Developer Edition. By making the directory owned by root, 1Password can verify the expected permissions and will then proceed to run. When we make Firefox Developer owned by root, the attack vectors are actually limited, as it limits the processes that are able to affect the files within the Firefox directory. Of note, setting Firefox to be owned by root does not cause it to run as root.
0 -
Ah, ran into this issue and this fixed it for me too! The specific directory doesn't actually matter, it's just the ownership by root that is important.
0 -
Actually, I realized one issue with this fix/workaround - by making the directory owned by root, Firefox Developer Edition actually can't update itself unless I'm running it as root. So now I'm a little confused about what the change is trying to achieve here - before changing permissions, it always thinks Firefox has an update, but after changing permissions, it no longer thinks that, it just can't actually install the update. I guess this is less of an issue if you install Firefox from system repos or a PPA and can update via package manager, but I don't think Developer Edition is available from a PPA (though beta is: https://launchpad.net/~mozillateam/+archive/ubuntu/firefox-next). At least at some point Developer Edition had slightly different developer tools than the regular Beta but I don't know if that's still the case...
0 -
@ibrahima I ran into the same issue with Firefox Nightly on Debian, installing Firefox Daily from the official PPA resolved that issue for me. However, I do not know if there is a Developer Edition available there nor do I know the current differences between the versions. Good luck finding an appropriate solution!
0 -
Ah, I actually didn't know that, thanks so much for bringing that up!
Making Firefox Dev owned by root changes how 1Password perceives it, but it seems that the biproduct is that Firefox is not able to update. If you find that you use the additional Developer tools in the Firefox Dev, one option would be to occasionally give ownership of Firefox directory back to $USER so you can update, then return ownership to root afterwards to continue using browser integration.
0