1p extension not working for Firefox Developer Edition 88.0b9 (64-bit)

coldlogiccoldlogic
edited May 9 in Linux Beta

When attempting to unlock the 1password beta extension I'm getting a blocking message that says Firefox needs to be updated even though I am already on the latest available Developer Edition (version 88.0b9 as of this writing)


1Password Version: 0.9
Extension Version: 1.25.3
OS Version: pop_os 20.10
Sync Type: 1password

Comments

  • ag_yaronag_yaron

    Team Member

    Hey @coldlogic ,
    Thanks for reporting this.

    I asked some of our developers to take a look at this when they can and see if they can shed some light on the matter. Until they do, can you please grab the extension's log for us: https://support.1password.com/cs/extension-console-log/

    If there are any accounts UUIDs in the logs, feel free to censor them out.

  • ag_yaronag_yaron

    Team Member
    edited April 20

    Hey @coldlogic ,

    Did you get Firefox from an apt repo? if not, it might not have the right permissions (or at least, right enough for us).
    If that is the case, please locate your Firefox's installation folder (e.g. ~/.local/apps/firefox ) , then cd into it and run:
    sudo chown -R root:root ~/.local/apps/firefox && sudo chmod 755 ~/.local/apps/firefox/firefox-bin

    Restart Firefox afterwards and see if that helped.

  • coldlogiccoldlogic
    edited April 21

    @ag_yaron Thank you for the tips! I had downloaded Firefox directly from Mozilla's website and installed it in my home directory.

    I moved it into ~/.local/apps/firefox and changed the ownership to root and that seems to have done the trick. Works like a charm now.

  • ag_yaronag_yaron

    Team Member

    That's great, I'm happy to hear everything is working properly :+1:

  • So I ran into this same problem on Linux (and was confused up until seeing this post since this works fine on Windows and Mac). I'm not entirely happy with this solution, since I don't want the superuser owning a directory in my own home directory. Is there a reason why 1password wants firefox to be in a specific directory and owned by root? Is there any way it can be configured to allow being owned by the person who owns the running process? I can see how this could be used as an attack vector (run some copy of firefox some other user installed and you can't trust it), but I don't see the harm in running a copy of firefox which I installed myself in my own directory and owned by my user.

  • Dayton_agDayton_ag

    Team Member

    Thanks for writing in @LeighK, and I appreciate you highlighting this concern over security!

    This issue is popping up because 1Password is unable to verify the binary permissions for Firefox Developer Edition. By making the directory owned by root, 1Password can verify the expected permissions and will then proceed to run. When we make Firefox Developer owned by root, the attack vectors are actually limited, as it limits the processes that are able to affect the files within the Firefox directory. Of note, setting Firefox to be owned by root does not cause it to run as root.

Leave a Comment

BoldItalicStrikethroughOrdered listUnordered list
Emoji
Image
Align leftAlign centerAlign rightToggle HTML viewToggle full pageToggle lights
Drop image/file