[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #3861 [Tor bundles/installation]: begin signing Windows packages the Windows way



#3861: begin signing Windows packages the Windows way
-------------------------------------+-------------------------------------
     Reporter:  erinn                |      Owner:  gk
         Type:  enhancement          |     Status:  closed
     Priority:  normal               |  Milestone:
    Component:  Tor                  |    Version:
  bundles/installation               |   Keywords:  tbb-3.0, tbb-security,
   Resolution:  fixed                |  tbb-usability-stoppoint-app,
Actual Points:                       |  tbb-4.5-alpha
       Points:                       |  Parent ID:
-------------------------------------+-------------------------------------

Comment (by gk):

 Replying to [comment:28 starlight]:
 > Many file not signed.  Does not run with AppLocker "publisher" rule.
 >
 > Incomplete sample of unsigned files:
 >
 > {{{
 > AppData\Local\Temp\nsf4B85.tmp\LangDLL.dll
 > AppData\Local\Temp\nsh8E95.tmp\nsDialogs.dll
 > AppData\Local\Temp\nsh8E95.tmp\System.dll
 >
 > Tor_Browser-4.5a5\Browser\firefox.exe
 > Tor_Browser-4.5a5\Browser\mozalloc.dll
 > Tor_Browser-4.5a5\Browser\mozglue.dll
 > Tor_Browser-4.5a5\Browser\gkmedias.dll
 > Tor_Browser-4.5a5\Browser\mozjs.dll
 > Tor_Browser-4.5a5\Browser\xul.dll
 > Tor_Browser-4.5a5\Browser\browser\components\browsercomps.dll
 > Tor_Browser-4.5a5\Browser\TorBrowser\Tor\tor.exe
 >
 > }}}
 Hmm... Tor Browser does not work with the default AppLocker configuration
 either, see: https://bugzilla.mozilla.org/show_bug.cgi?id=902771. But it
 would work with the secure file hash configuration. Maybe that is a good
 idea anyway if one has high security in mind and is trying to get that via
 AppLocker. I created #15687 to think about what we want to support.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/3861#comment:29>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs