v122 (#1764)

- remove group root/wheel check

prefsCleaner.sh

@@ -2,7 +2,7 @@
 
 ## prefs.js cleaner for Linux/Mac
 ## author: @claustromaniac
-## version: 2.0
+## version: 2.1
 
 ## special thanks to @overdodactyl and @earthlng for a few snippets that I stol..*cough* borrowed from the updater.sh
 
@@ -132,13 +132,13 @@ done
 ## change directory to the Firefox profile directory
 cd "$(dirname "${SCRIPT_FILE}")"
 
-# Check if running as root and if any files have the owner/group as root/wheel.
+# Check if running as root and if any files have the owner as root/wheel.
 if [ "${EUID:-"$(id -u)"}" -eq 0 ]; then
 	fQuit 1 "You shouldn't run this with elevated privileges (such as with doas/sudo)."
-elif [ -n "$(find ./ -user 0 -o -group 0)" ]; then
+elif [ -n "$(find ./ -user 0)" ]; then
 	printf 'It looks like this script was previously run with elevated privileges,
 you will need to change ownership of the following files to your user:\n'
-	find . -user 0 -o -group 0
+	find . -user 0
 	fQuit 1
 fi
 
@@ -148,7 +148,7 @@ echo -e "\n\n"
 echo "                   ╔══════════════════════════╗"
 echo "                   ║     prefs.js cleaner     ║"
 echo "                   ║    by claustromaniac     ║"
-echo "                   ║           v2.0           ║"
+echo "                   ║           v2.1           ║"
 echo "                   ╚══════════════════════════╝"
 echo -e "\nThis script should be run from your Firefox profile directory.\n"
 echo "It will remove any entries from prefs.js that also exist in user.js."

updater.sh

@@ -2,7 +2,7 @@
 
 ## arkenfox user.js updater for macOS and Linux
 
-## version: 3.9
+## version: 4.0
 ## Author: Pat Johnson (@overdodactyl)
 ## Additional contributors: @earthlng, @ema-pe, @claustromaniac, @infinitewarp
 
@@ -393,11 +393,11 @@ update_updater "$@"
 getProfilePath # updates PROFILE_PATH or exits on error
 cd "$PROFILE_PATH" || exit 1
 
-# Check if any files have the owner/group as root/wheel.
+# Check if any files have the owner as root/wheel.
-if [ -n "$(find ./ -user 0 -o -group 0)" ]; then
+if [ -n "$(find ./ -user 0)" ]; then
 	printf 'It looks like this script was previously run with elevated privileges,
 you will need to change ownership of the following files to your user:\n'
-	find . -user 0 -o -group 0
+	find . -user 0
 	cd "$CURRDIR"
 	exit 1
 fi

user.js

@@ -1,7 +1,7 @@
 /******
 *    name: arkenfox user.js
-*    date: 20 November 2023
+*    date: 5 February 2024
-* version: 119
+* version: 122
 *    urls: https://github.com/arkenfox/user.js [repo]
 *        : https://arkenfox.github.io/gui/ [interactive]
 * license: MIT: https://github.com/arkenfox/user.js/blob/master/LICENSE.txt
@@ -56,6 +56,7 @@
   2600: MISCELLANEOUS
   2700: ETP (ENHANCED TRACKING PROTECTION)
   2800: SHUTDOWN & SANITIZING
+  4000: FPP (fingerprintingProtection)
   4500: RFP (resistFingerprinting)
   5000: OPTIONAL OPSEC
   5500: OPTIONAL HARDENING
@@ -686,8 +687,32 @@ user_pref("privacy.cpd.cookies", false);
  * which will display a blank value, and are not guaranteed to work ***/
 user_pref("privacy.sanitize.timeSpan", 0);
 
+/*** [SECTION 4000]: FPP (fingerprintingProtection)
+   RFP (4501) overrides FPP
+
+   In FF118+ FPP is on by default in private windows (4001) and in FF119+ is controlled
+   by ETP (2701). FPP will also use Remote Services in future to relax FPP protections
+   on a per site basis for compatibility (pref coming).
+
+   1826408 - restrict fonts to system (kBaseFonts + kLangPackFonts) (Windows, Mac, some Linux)
+      https://searchfox.org/mozilla-central/search?path=StandardFonts*.inc
+   1858181 - subtly randomize canvas per eTLD+1, per session and per window-mode (FF120+)
+***/
+user_pref("_user.js.parrot", "1400 syntax error: the parrot's bereft of life!");
+/* 4001: enable FPP in PB mode [FF114+]
+ * [NOTE] In FF119+, FPP for all modes (7106) is enabled with ETP Strict (2701) ***/
+   // user_pref("privacy.fingerprintingProtection.pbmode", true); // [DEFAULT: true FF118+]
+/* 4002: set global FPP overrides [FF114+]
+ * Controls what protections FPP uses globally, including "RFPTargets" (despite the name these are
+ * not used by RFP) e.g. "+AllTargets,-CSSPrefersColorScheme" or "-AllTargets,+CanvasRandomization"
+ * [NOTE] Be aware that not all RFP protections are necessarily in RFPTargets
+ * [WARNING] Not recommended. Either use RFP or FPP at defaults
+ * [1] https://searchfox.org/mozilla-central/source/toolkit/components/resistfingerprinting/RFPTargets.inc ***/
+   // user_pref("privacy.fingerprintingProtection.overrides", "");
+
 /*** [SECTION 4500]: RFP (resistFingerprinting)
-   RFP covers a wide range of ongoing fingerprinting solutions.
+   RFP overrides FPP (4000)
+
    It is an all-or-nothing buy in: you cannot pick and choose what parts you want
    [TEST] https://arkenfox.github.io/TZP/tzp.html
 
@@ -741,8 +766,8 @@ user_pref("privacy.sanitize.timeSpan", 0);
 ***/
 user_pref("_user.js.parrot", "4500 syntax error: the parrot's popped 'is clogs");
 /* 4501: enable RFP
- * [SETUP-WEB] RFP can cause some website breakage: mainly canvas, use a canvas site exception via the urlbar
+ * [SETUP-WEB] RFP can cause some website breakage: mainly canvas, use a canvas site exception via the urlbar.
- * RFP also has a few side effects: mainly timezone is UTC0, and websites will prefer light theme
+ * RFP also has a few side effects: mainly timezone is UTC, and websites will prefer light theme
  * [NOTE] pbmode applies if true and the original pref is false
  * [1] https://bugzilla.mozilla.org/418986 ***/
 user_pref("privacy.resistFingerprinting", true); // [FF41+]
@@ -1069,7 +1094,7 @@ user_pref("_user.js.parrot", "7000 syntax error: the parrot's pushing up daisies
    // user_pref("privacy.fingerprintingProtection", true); // [FF114+] [ETP FF119+]
    // user_pref("network.http.referer.disallowCrossSiteRelaxingDefault", true);
    // user_pref("network.http.referer.disallowCrossSiteRelaxingDefault.top_navigation", true); // [FF100+]
-   // user_pref("privacy.partition.network_state.ocsp_cache", true);
+   // user_pref("privacy.partition.network_state.ocsp_cache", true); // [DEFAULT: true FF123+]
    // user_pref("privacy.query_stripping.enabled", true); // [FF101+]
    // user_pref("privacy.trackingprotection.enabled", true);
    // user_pref("privacy.trackingprotection.socialtracking.enabled", true);