InformAction Forums

Is there a way to block user access to NoScript "Options..." in the NoScript context menu. We are considering installing this on user desktops at my office, for obvious reasons, but I fear users will quickly find the "Allow scripts globally" option and just turn that on. Thank you!

Can you use a lockpref file?

Setting a lockpref for many of the NoScript options does seem to do the trick. It looks like you can go and check the box for "Allow scripts globally", but the option doesn't take effect. However, it would be very nice if there was a lockable option to just disable user access to options all together, or at least individual tabs. Hopefully I'll be able to find a way to do that, or one will be created!

Beenc wrote:However, it would be very nice if there was a lockable option to just disable user access to options all together, or at least individual tabs. Hopefully I'll be able to find a way to do that, or one will be created!

Most of the point of NoScript is that it gives control back to the user, and providing such an option would allow taking more control away from the user than they would have had even without installing NS in the first place. It would also allow NoScript options to be set in an undesirable way, then locked away from the user, by e.g. malware; also, I suspect some not-so-techie users would unwittingly set that and lock themselves out of NoScript Options.
I like being able to control the software I install. I hope that NS doesn't ever include a feature like that.

I definitely understand your point from an individual point of view, and you're probably right about someone accidentally locking themselves out of options. The fact remains that NoScript is an excellent tool that I'm sure plenty of businesses make use of. In light of that, it would be nice to have a configuration option that allowed for more control. Perhaps additional options hidden in about:config, or an additional config file that could be created and placed only in a distribution folder to provide this sort of control. Both would make it more difficult for malware to modify the behavior of notouch.

At any rate, setting lockPref options in the mozilla.cfg file works well enough. While it doesn't hide the settings it does keep them set as desired. Thanks!

You're welcome.
The lockpref file seems to me to be the best solution for keeping NoScript settings a certain way while not taking control away from users unnecessarily or giving malware more room to make damage.
If you're interested in hiding settings too... can you deploy either a userChrome.css or a Stylish user style (part of a "stylish.sqlite" file in the profile directory)? If so, I can help you construct the style if you want. (Mostly it's just a matter of poking around with something like DOM Inspector to find the right selectors.)

I'll read up on styles and toy around with it. I really appreciate the help and the pointers.