[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Tor Browser Linux_don't extract to root

On 04/11/2017 03:47 AM, Jonathan Marquardt wrote:
On Mon, Apr 10, 2017 at 07:11:48PM -0500, Joe Btfsplk wrote:
What is the reason(s) the TBB instructions say do not install (extract) TBB
to root?
Is it so the TBB files will be in a location where the user has write
permissions, so that TBB updates can automatically  D/L and install?
Yes, that's the biggest advantage, I think. We don’t want superold versions of
TBB to be used, do we?
Other than that, does installing TBB to a location where anyone / anything
has full r/w/x permissions (like in /home), weaken the security of Linux,
compared to packages installed via a distro's software manager?
If "anyone / anything has full r/w/x permissions" in /home on your system,
you're doing something very wrong. Only the individual users should have write
permissions in their own home directories. On a multi-user system it is also a
good idea to give "world" zero permissions in your user home directory so no
other users can read your files.

Thanks. I may be missing something here. Anyone feel free to correct me where I'm wrong. I'm not "doing" anything with /home permissions - it's Linux defaults. AFAIK, once a user logs into their 'nix acct, anything that writes to (most) files in /home can do so - w/o any prompting.

For browsers - Firefox - that's full access to most things under .mozilla, but not Firefox program files - installed elsewhere. In /home, the user is the owner & has full r/w/x permissions for most files there - no PW required to change files there (once logged in). There're some exceptions to that, like .local/keyrings.

For TBB extracted to a folder in /home, on files I checked (tor, cached-certs, torrc, etc.) - the user is owner & has r/w/(x) permissions by default. No PW required - like any document in /home. So anything that makes it past basic defenses of the browser, NoScript, etc. - would generally have r/w/x permissions on most TBB files in /home - yes?

Conversely, Firefox installed to /usr & other protected directories that most installed apps use, by default the user or anything making it onto the computer don't have w/x permissions for those "program files." Yes? That's part of Linux overall security.

Maybe I'm missing something. Tor Project goes to great lengths to provide uncompromised TBB copies & ways to verify them, but at least in Linux - advises putting it in the least secure area, so it can update automatically with one click? (because TBB wasn't installed via a Linux software manager & therefore automatic updates wouldn't be allowed). Seems like that's in opposition to all the other TBB security efforts.

When Linux users choose to D/L the latest release from mozilla & install to /opt or /usr/local, it won't update automatically or w/ a click, AFAIK. Unless you change ownership / permissions of those directories - which I've read is a bad idea, security wise. (I'm not sure the D/L Linux Fx ver has "update now" available in about:firefox, anyway).

But, for Fx or Tbird in /opt you can install update files from Mozilla easily enough using sudo. It takes typing a few characters vs. one click.
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to