Securing Legacy Firefox Extensions With SENTINEL
A poorly designed web browser extension with security vulnerability may expose the whole system to an attacker. Therefore, attacks directed at "Benign-but-buggy" extensions, as well as extensions that have been written with malicious intents pose significant security threats to a system running such components. Recent studies have in-deed shown that many Firefox extensions are over-privileged, making them attractive attack targets. Unfortunately, users currently do not have many options when it comes to protecting themselves from extensions that may potentially be malicious. Once installed and executed, the extension needs to be trusted.