
Re: [tor-bugs] #13594 [Tor Browser]: Tor Browser Bundle 4.0: updater fails on Windows



#13594: Tor Browser Bundle 4.0: updater fails on Windows
-----------------------------+----------------------
     Reporter:  marc         |      Owner:  tbb-team
         Type:  defect       |     Status:  new
     Priority:  normal       |  Milestone:
    Component:  Tor Browser  |    Version:
   Resolution:               |   Keywords:
Actual Points:               |  Parent ID:
       Points:               |
-----------------------------+----------------------

Comment (by cypherpunks):

 > and no ways to bypass it.

 It changes the PATH environment variable.
 What is PATH for in Tor Browser? What if we change the
 [https://mxr.mozilla.org/mozilla-esr31/source/toolkit/xre/nsWindowsWMain.cpp#80 call of]
 SanitizeEnvironmentVariables (or
 [https://mxr.mozilla.org/mozilla-esr31/source/xpcom/base/nsSetDllDirectory.h#19 SanitizeEnvironmentVariables]
 directly), to clear PATH and fill it with:
 1. The directory from which Tor Browser loaded.
 2. The system directory. Use the GetSystemDirectory function to get the
 path of this directory.
 3. The Windows directory. Use the GetWindowsDirectory function to get the
 path of this directory.
 It allows protecting against injected paths and fixes `updater.exe`
 without extra voodoo or copying the needed DLLs to the needed directory.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/13594#comment:12>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs
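
The PATH rebuild proposed in the comment above, as an added example that is not part of the original message and not Tor Browser or Mozilla code. The names dir_ok, build_sanitized_path and apply_sanitized_path are hypothetical; the sketch assumes drive-letter paths and the ANSI Win32 calls for brevity.

```c
#include <string.h>
#ifdef _WIN32
#include <windows.h>
#endif

/* Accept only an absolute drive path ("C:\...") with no ';' or '"', so a
   single entry cannot smuggle extra search directories into PATH.
   Assumption of this sketch: UNC paths are rejected as well. */
static int dir_ok(const char *d) {
    if (!d || strlen(d) < 3) return 0;
    if (!((d[0] >= 'A' && d[0] <= 'Z') || (d[0] >= 'a' && d[0] <= 'z'))) return 0;
    if (d[1] != ':' || d[2] != '\\') return 0;
    return strpbrk(d, ";\"") == NULL;
}

/* Build "app;system;windows" into out. Returns 0 on success, -1 if any
   directory is rejected or the result does not fit (out is then empty). */
int build_sanitized_path(const char *app, const char *sys, const char *win,
                         char *out, size_t cap) {
    const char *dirs[3] = { app, sys, win };
    size_t used = 0;
    if (cap == 0) return -1;
    out[0] = '\0';
    for (int i = 0; i < 3; i++) {
        if (!dir_ok(dirs[i])) { out[0] = '\0'; return -1; }
        size_t n = strlen(dirs[i]);
        while (n > 3 && dirs[i][n - 1] == '\\') n--;  /* trim trailing '\', keep "C:\" */
        if (used + n + 2 > cap) { out[0] = '\0'; return -1; }
        if (i) out[used++] = ';';
        memcpy(out + used, dirs[i], n);
        used += n;
        out[used] = '\0';
    }
    return 0;
}

#ifdef _WIN32
/* Replace the process PATH with the three directories listed in the comment. */
int apply_sanitized_path(void) {
    char app[MAX_PATH], sys[MAX_PATH], win[MAX_PATH], path[3 * MAX_PATH + 3];
    DWORD n = GetModuleFileNameA(NULL, app, MAX_PATH);
    if (n == 0 || n >= MAX_PATH) return -1;           /* failed or truncated */
    char *slash = strrchr(app, '\\');
    if (!slash) return -1;
    *slash = '\0';                                    /* strip the executable name */
    if (!GetSystemDirectoryA(sys, MAX_PATH) || !GetWindowsDirectoryA(win, MAX_PATH))
        return -1;
    if (build_sanitized_path(app, sys, win, path, sizeof path) != 0) return -1;
    return SetEnvironmentVariableA("PATH", path) ? 0 : -1;
}
#endif
```

The rebuilt PATH is inherited by child processes only if it is set before they are launched.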