TBB in a sandbox (osx)

[Andreas Jonsson <andreas@xxxxxxxxx>]

Hi List!

I've been working with Erinn to sandbox the TBB much like chrome and
ironfox are on osx, but now I think we need some opinions regarding
where to go next.

See this page for more information on what the sandbox is enforcing:

 https://trac.torproject.org/projects/tor/wiki/projects/TorBrowserBundle/OSX/Security

For those that hate clicking on links;
Issues in need of discussion

    * TBB is not allowed to read the users preferences. This can man the
browser look different than other windows (as it will use the default).
    * No plugins - maybe we(or the user) wants flash etc?
    * Should we allow users to add extensions?
    * Are We allowing cut & paste?
    * Are users allowed to write to disk? where?
    * Only system fonts are allowed ( privacy )
    * Uploading files is tricky if users are not allowed to read any
directory visible in finder
    * Certain operations can trigger NSCF errors, which will be present
in the systemlog. This needs testing

Also, as we need to maintain two different policies (as the Sandbox have
different limitations on 10.5 vs 10.6), there might be some limitations
on what we can accomplish on both platforms.

Obvious things left to be done is to sandbox polipo and tor itself (when
they launch from vidalia).

Regards
Andreas
***********************************************************************
To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/