I've deployed Firefox 4.0.1 into my school.
Apologies - I'm not up-to-date with this thread, but as I saw mention of Firefox 4, thought I'd explain what I've done. Someone might find this of benefit I suppose, but I can't go into too much depth.
Building a secure package took a bit of time to craft - may be some tips here for people...
Modify and deploy firefox using the setup.exe program which you can extract from the Firefox executable, I think using 7-zip from memory. You can run this setup program silently, so ideal for rolling out using a startup script.
Created a mozilla.cfg to lock various things down, set up Firefox and hard code the proxy into Firefox. This is byte shifted using the "Byte Shifter.exe" program, a free download. Generally, I found the mozilla.cfg from 3.6.x works okay in 4.0.1, but there were a couple of entries from memory that it fell foul of, and for the life of me I can't remember what they are - I think that it was the ordering of the "ui.key." preferences.
Using 7-zip, deleted the followling from the omni.jar file...
On top of this, edited the following files with Notepad ++...
Editing the two above files can really lock down your Firefox install. For instance, for some pupils, we present a "you are blocked" page when the pupil tries to access an unapproved https document. This is done using a couple of home brew functions in browser.js, called from within browser.js.
By knocking out lines from browser.xul, you can also disable some of the keypresses such as accessing the history, the side bar, bookmarks, etc. You might be able to do some of this with the userChrome.css file, but once it's removed from browser.xul, there's no way around it - the key press is removed from Firefox.
To edit these files, copy them out of the omni.jar file, edit them with notepad ++, and then put them back again into omni.jar using 7-zip.
I've set up a modified localstore.rdf file in the user profile to remove certain things, including the search bar. This presents a unified search and address bar.
If you use a unified bar, you need to use a WPAD.DAT file for your proxies, or at least we did, so anything which is not an fully qualified address can be set to a local "direct" rather than proxied connection. Then the local PC rather than the proxy does a DNS lookup on the search term, finds that it fails, and then treats it as a search term rather than a host name. We found that if the proxy is sent these requests, then the proxy will just display a "DNS failed" error on a web page, and so the search does not happen. I hope that that makes sense.
I deploy this in a startup script which deploys Firefox, then applies the customisations, sets as the default browser, and then updates the plug-ins such as Flash, Adobe Reader, JRE, etc.
I do use userChrome.css and userContent.css files for locking down the interface further too. In the logon script, if the user does not already have a firefox profile, one is set up in a "default" profile folder, with customisations copied in.
Looking at what is on the thread, it feels that what we have done is a bit of a hack, but as long as it works!
Get in touch if you want more info.