No. Without a trusted authority or some other means to verify that the self-signed certificate is indeed coming from the site, there is effectively no security because it is trivial to launch a MITM attack.
For some definition of trivial. But you're right, it's not that simple (see below¹, I need to rant first). It's just that it upset me so much each time Firefox (or whatever browser, they all do it) load a webpage with a self-signed certificate and it acts like if I was attacked and my security is compromised or something… It's not worse than HTTP without SSL so why make me click two times like if I don't know what I'm doing? Nowadays it's more easy to do phishing in plain HTTP than in HTTPS: it's stupid.
¹ Actually it depends on your threat-model. If you assume that the first time you connect to the site there is no MITM (like we all do with SSH connections, don't tell me you always double check the fingerprint of the box you are SSHing to for the first time ;-)), then it is okay to trust the certificate as long as it doesn't change.
Sorry, but I think Firefox is doing exactly the right thing (by default) here. If you want it to do something else, I'd imagine there's a setting you can override somewhere.
In practice it is worse than no SSL because it provides a false sense of security to users who have been trained that HTTPS = secure.
