[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #4522 [Tor bundles/installation]: Add privilege separation for bundled browser

To: undisclosed-recipients:;
Subject: Re: [tor-bugs] #4522 [Tor bundles/installation]: Add privilege separation for bundled browser
From: "Tor Bug Tracker & Wiki" <torproject-admin@xxxxxxxxxxxxxx>
Date: Fri, 25 May 2012 06:54:21 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 25 May 2012 02:54:31 -0400
In-reply-to: <045.a3e8275fff5a92dfc573cb2197d9edf0@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: Tor bug tracker status mails <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <045.a3e8275fff5a92dfc573cb2197d9edf0@xxxxxxxxxxxxxx>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx

#4522: Add privilege separation for bundled browser
--------------------------------------+-------------------------------------
 Reporter:  kteel                     |          Owner:  cypherpunks
     Type:  enhancement               |         Status:  assigned   
 Priority:  major                     |      Milestone:             
Component:  Tor bundles/installation  |        Version:             
 Keywords:                            |         Parent:             
   Points:                            |   Actualpoints:             
--------------------------------------+-------------------------------------
Changes (by mikeperry):

 * cc: marlowe, trams (added)
  * status:  needs_information => assigned
  * owner:  mikeperry => cypherpunks


Comment:

 It's occurred to me that we can achieve this easily for platforms that
 support sandboxing by playing nicer with them in terms of using their
 native package formats.

 For the Linuxes, I don't think we have to be *that* nice. If we host our
 own repo, we can get away with tossing TBB in /etc/skel and creating a
 login script to sync it to users' homedirs.

 While we're at it, we can also have this package install the appropriate
 profile for the sandbox (AppArmor for Ubuntu, SELinux for Redhat-derived).

 For Mac, I expect the whole "Here's a package and its sandbox, please
 install them" process will be much smoother in 10.8.. If they let us into
 the app stores, that is...

 For the Linux side especially, this really is something we need community
 help with, I think...

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/4522#comment:10>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Prev by Author: Re: [tor-bugs] #5791 [Tor bundles/installation]: Gather apparmor/selinux/seatbelt profiles for each component of TBB (was: Gather apparmor/selinux/sandbox instructions for each component of TBB)
Next by Author: Re: [tor-bugs] #5791 [Tor bundles/installation]: Gather apparmor/selinux/seatbelt profiles for each component of TBB
Previous by thread: Re: [tor-bugs] #4522 [Tor bundles/installation]: Add privilege separation for bundled browser
Next by thread: Re: [tor-bugs] #5291 [Tor bundles/installation]: Re-test TBB on dual-stacked IPv6 machine
Index(es):
- Author
- Thread