[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #21940 [Applications/Tor Browser]: OSX updater: consider disabling privilege escalation

Subject: Re: [tor-bugs] #21940 [Applications/Tor Browser]: OSX updater: consider disabling privilege escalation
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Thu, 11 May 2017 18:35:49 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Thu, 11 May 2017 14:36:01 -0400
In-reply-to: <043.fc70bf70fa28f4a53c9c2fc1cc8cf284@torproject.org>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <043.fc70bf70fa28f4a53c9c2fc1cc8cf284@torproject.org>
Reply-to: no-reply@xxxxxxxxxxxxxx, tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#21940: OSX updater: consider disabling privilege escalation
-------------------------------------------------+-------------------------
 Reporter:  mcs                                  |          Owner:  mcs
     Type:  defect                               |         Status:
                                                 |  assigned
 Priority:  Medium                               |      Milestone:
Component:  Applications/Tor Browser             |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:  ff52-esr, tbb-7.0-must,              |  Actual Points:
  TorBrowserTeam201705                           |
Parent ID:                                       |         Points:
 Reviewer:                                       |        Sponsor:
-------------------------------------------------+-------------------------
Changes (by mcs):

 * owner:  tbb-team => mcs
 * cc: arthuredelstein, boklm (added)
 * status:  new => assigned


Comment:

 Replying to [comment:7 gk]:
 > So, do we think the risk of privilege escalation support is worth it? If
 not, how much work would it be to "back" this out?

 Sorry for the delayed response. Kathy and I have been working on a patch
 to disable the OSX elevation code, similar to what we do on Windows (a
 complete back out of the Mozilla patches that added this feature would be
 quite painful). Changing the code as little as possible while still
 achieving the correct error reporting behavior turned out to be a little
 tricky, but I think we have a good patch now. We will post it here as soon
 as we finish one more round of testing.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/21940#comment:8>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Prev by Author: Re: [tor-bugs] #22101 [Core Tor/Tor]: Can't have relative DataDirectory with CookieAuthentication enabled
Next by Author: Re: [tor-bugs] #22451 [Applications/Tor Browser]: about:cache is not useful anymore in ESR52-based Tor Browser (only wyciwyg-URIs if at all any)
Previous by thread: Re: [tor-bugs] #21940 [Applications/Tor Browser]: OSX updater: consider disabling privilege escalation
Next by thread: Re: [tor-bugs] #21940 [Applications/Tor Browser]: OSX updater: consider disabling privilege escalation
Index(es):
- Author
- Thread