[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #3861 [Tor bundles/installation]: begin signing Windows packages the Windows way

Subject: Re: [tor-bugs] #3861 [Tor bundles/installation]: begin signing Windows packages the Windows way
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Sat, 28 Feb 2015 05:36:56 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sat, 28 Feb 2015 00:37:04 -0500
In-reply-to: <045.37e81eb0241462f506afc6c107c51d33@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <045.37e81eb0241462f506afc6c107c51d33@xxxxxxxxxxxxxx>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#3861: begin signing Windows packages the Windows way
-------------------------------------+-------------------------------------
     Reporter:  erinn                |      Owner:  erinn
         Type:  enhancement          |     Status:  new
     Priority:  normal               |  Milestone:
    Component:  Tor                  |    Version:
  bundles/installation               |   Keywords:  tbb-3.0, tbb-security,
   Resolution:                       |  tbb-usability-stoppoint-app,
Actual Points:                       |  tbb-4.5-alpha
       Points:                       |  Parent ID:
-------------------------------------+-------------------------------------

Comment (by starlight):

 A major benefit of signing binaries is that
 TBB can be readily whitelisted in AppLocker
 (and presumably other whitelist tools).
 Please sign all the .DLLs, .PYDs and .EXEs as
 well as the actual release bundle .EXE.

 I've been experimenting with strict whitelisting
 on a system and just upgraded to 4.5a4.  Was
 some trouble to add hashes for all the files!

 With a set of fully signed binaries, one
 only has to add the rule to allow the Tor
 Project certificate one time.  MS's AppLocker
 does not check certificate hashes (I'm not
 sure if that's good design or not) so if the
 attributes of a renewed certificate stay the
 same, a TBB "publisher" rule should continue
 to work through cert rollovers.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/3861#comment:21>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Prev by Author: [tor-bugs] #15067 [- Select a component]: Whether you are superficial for substance,
Next by Author: Re: [tor-bugs] #3861 [Tor bundles/installation]: begin signing Windows packages the Windows way
Previous by thread: Re: [tor-bugs] #3861 [Tor bundles/installation]: begin signing Windows packages the Windows way
Next by thread: Re: [tor-bugs] #3861 [Tor bundles/installation]: begin signing Windows packages the Windows way
Index(es):
- Author
- Thread