by noisem4ker 1726 days ago
Configuration and add-ons reside in %AppData%, or an otherwise user-writable profile directory. Compromising the executable, which lives under %ProgramFiles%, or an otherwise protected directory, takes administrator rights.

Beyond this plausible inconvenience, however, Mozilla simply doesn't want regular users messing with unapproved add-ons. Just switch Firefox to Developer Edition for that. It's been very stable, in my experience.

2 comments

The Firefox profile directory also contains sensitive things like its file cache and trusted CA database, so you don't need to plant a malicious extension to achieve significant impact when you only have write access.

Then why won't they allow users to install their unsigned addons in %ProgramFiles%? I don't think protecting against a compromised %AppData% was their only goal.