Does Avast disable my ability to change some options in Firefox?

When I went to Firefox’s “about:preferences” page, at the top of the screen it said, “Your organization has disabled the ability to change some options.” Since my “organization” is me, I didn’t know what to make of it. According to some answers in the Firefox forum, this disabling is caused by Avast. Is this so, and if so, why? And how can I get rid of the disabling? Thanks.

Yup I see that. Never noticed that before.
Not sure what that involves. Don’t know if that’s a result of Avast.
Maybe someone else may know

https://forum.avast.com/index.php?topic=227029.0

Interessant - danke für den Link.

You’re welcome.

Just noticed it on my Firefox 67.0.1 on my Win 7 Pro 64-bit machine.

I do NOT have a folder C:\program files\mozilla firefox\distribution.

I do NOT have a file policies.json anywhere on my C:\ drive.

In my registry key HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Mozilla\Firefox\Certificates, the only entry is ImportEnterpriseRoots with data value 1 (appearing as 0x00000001 (1)). There are no entries above that subkey Certificates.

In my FF, in about:policies, in “Active”, I see this:

  [u]Policy Name[/u]    [u]Policy Value[/u]
  Certificates    ImportEnterpriseRoots   true

So - is it Avast or not?

If it’s Avast, how is Avast doing this, and what is Avast doing?

I’m not a tech, so please make it simple for dummies. Thanks.

I’ll try to make it simple…

Yes, Avast is doing this. In order to scan HTTPS traffic, Avast has to have its certificate trusted. The certificate is loaded into the Windows Certificate Store when Avast is installed, but Firefox keeps its own list of trusted certificates. So…

Avast creates the Mozilla subkey in the Policies section of the registry (or adds to it, if it already exists) and adds the ImportEnterpriseRoots subkey. That tells Firefox to trust all certificates in the Windows Certificate Store (including, of course, Avast’s).

You will see the Firefox message if either policies.json is present in the distribution folder or the Mozilla key exists in the Policies section of the registry. If you look in about:config in Firefox, you will see that the entry security.enterprise_roots.enabled is locked. This is due to the registry entry.