Lock Firefox 6 Prefs (Also versions 3, 4, & 5)
In a corporate environment, it's often important to enforce Internet proxy settings for all users. Setting those options automatically is often difficult. Making them locked and immutable is even more difficult and poorly documented. Today we'll learn the basics, and from there you can customize Firefox as much or as little as you like.
The first thing to understand is how Firefox preferences work. In your browser, type the address "about:config" and press enter. After agreeing to their warning message, you should see a whole list of configuration options listed with their current settings. These settings are for your user only, but it should help you get the notion for just how many settings are possible to set.
If you're comfortable with the command line, the steps we're going to go over are quicker and easier with a terminal window, but we're going to show the GUI way so as not to exclude anyone. (If you are comfortable on the command line, you'll know how to follow the directions below without any problems)
I'm using Ubuntu 11.04 for this demonstration, but most distributions have similar setups. You might have to search a little for where preference files are stored, but the procedure will be similar. First we need to open a Nautilus window with superuser privileges. To do that, press ALT-F2, then type:
gksudo nautilus and press enter.
Next we need to navigate the file system to the
/etc/firefox directory. Depending on your version of Firefox, and your distribution, this folder and its contents might vary a bit. This is what it looks like with Ubuntu 11.04 and Firefox 6:
The file we want to edit is that
syspref.js file. This file might not be here for different versions, in which case you can try editing whatever .js file you find. Also files inside the pref folder are usually parsed, so you could create a .js file in there and it will probably work. Unfortunately, you'll just need to try it and see if it works.
Double click on the file, and it should open (with superuser privileges) in a text editor. You'll see this file was designed for adding custom preferences. Unfortunately, you can't lock preferences in here. Anything added to this file will be the default for new users, but you can't lock any preferences for all users. What we'll do is add a directive for another config file. In that one, we can lock prefs. You'll want to add the following to the bottom of the
Here's what my file looks like:
Close that window and save the file. Next we need to make the
firefox.cfg file we referenced. It would make sense that we'd put the file in the same folder, but sadly that's not the case. The file
firefox.cfg with our locked preference settings needs to go in the
/usr/lib/firefox-$VERSION/ folder. We need to replace $VERSION with the currently installed version of Firefox. That's where it gets a little confusing. If Firefox gets updated, we have to remember to move the firefox.cfg file to the new
firefox-$VERSION folder. To do that, look in
/usr/lib for the firefox folders that exist, and pick your current version. Here I've highlighted my current version, which is
Once inside that folder, we need to create the lock file, which must be named whatever we called it back in the syspref.js file. In our case, we need to create a file called firefox.cfg.
Make sure to name the file "firefox.cfg" when you create it. Then double-click on the file, and we'll add our custom configuration. The preferences I'm most concerned with are Homepage Settings and Proxy Settings. Here's what goes into my firefox.cfg:
// Lock specific preferences in Firefox so that users cannot edit them
lockPref("network.proxy.no_proxies_on", "localhost, 127.0.0.1, 192.168.1.0/24");
Note the lockPref directive. It differs from what we put in the syspref.js file, and as you'd expect, it locks the given preference. Here's what it looks like on my system:
All that is left is to save that file, and close the Nautilus window. (Remember, you're running Nautilus as root -- that's not something you want to do willy nilly) Now, when users start Firefox, it will use the preferences you set, regardless of any setting they might have already set. For example, if a user tries to edit the proxy settings on my system, the fields I specified are not even available to change!
Hopefully this tutorial can be adapted to meet your Firefox needs. The ability to lock preferences is vital in a large network. I wish the procedure was better documented, but at least it's possible. Have fun!
Fast/Flexible Linux OS Recovery
On Demand Now
In this live one-hour webinar, learn how to enhance your existing backup strategies for complete disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible full-system recovery solution for UNIX and Linux systems.
Join Linux Journal's Shawn Powers and David Huffman, President/CEO, Storix, Inc.
Free to Linux Journal readers.Register Now!
- Server Hardening
- EnterpriseDB's EDB Postgres Advanced Server and EDB Postgres Enterprise Manager
- The Death of RoboVM
- BitTorrent Inc.'s Sync
- The US Government and Open-Source Software
- The Humble Hacker?
- Open-Source Project Secretly Funded by CIA
- ACI Worldwide's UP Retail Payments
- New Container Image Standard Promises More Portable Apps
- AdaCore's SPARK Pro
In modern computer systems, privacy and security are mandatory. However, connections from the outside over public networks automatically imply risks. One easily available solution to avoid eavesdroppers’ attempts is SSH. But, its wide adoption during the past 21 years has made it a target for attackers, so hardening your system properly is a must.
Additionally, in highly regulated markets, you must comply with specific operational requirements, proving that you conform to standards and even that you have included new mandatory authentication methods, such as two-factor authentication. In this ebook, I discuss SSH and how to configure and manage it to guarantee that your network is safe, your data is secure and that you comply with relevant regulations.Get the Guide