Re: [tor-talk] Tor Browser Linux_don't extract to root
On 04/12/2017 03:23 AM, Jonathan Marquardt wrote:
> Both methods (putting apps into global dirs vs. putting them into home dirs)
> have their own advantages and disadvantages.
Jonathan - thanks. Other than automatically updating, what are the
advantages of installing to /home/user - or somewhere not root owned?
The other main disadvantage is, it makes TBB program files easily
accessible to malware, or anyone / thing w/ access to your machine,
after the user logs on.
Yes - technically /home/user. There is a separate "/home" under System
Files, but if there's only one user acct, then it contains the same
folders as clicking /home/user. AFAIK, for single user acct setup, the
only things under "/home" are user files & settings. Most accessible
by the acct user w/o a PW.
No, I don't mean "ordinary, non-malicious stuff" D/L through TBB. TBB
isn't 100% bullet proof - nor any other app. I mean malicious things
that could slip by, even via zero days. Zero days - maybe unlikely.
Other methods - apparently not terribly difficult.
That's why I said, "So anything that makes it past basic defenses of the
browser, NoScript, etc. - would generally have r/w/x permissions on most
TBB files in /home(/user)."
I assumed that was clear it implied malware, or malicious sites, or
adversary - say, trying to modify TBB program files, etc. Not ordinary
websites, following the rules.
Again, IIUC, "malware" making it past browser & NoScript defenses and AV
- if using one, has far easier access to TBB program files than apps
installed to limited permissions directories. TBB files are less
protected than a normal browser installed from repositories, or even
installed manually to say, /opt.
That's the part I don't understand - why TorProject seems to encourage
lessening some of Linux security, rather than increasing it.
Perhaps if Tor Project doesn't want to set up a PPA (and guard, monitor
it) - so TBB can auto-update, they should include a sort of "Tor / TBB
file checker" - to monitor for changed files that shouldn't change,
unless from updates.
Seems logical to create a PPA. They could / should check signatures -
automatically - when the updates / installs finish downloading from the
PPA, before installing.
--
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
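
The "file checker" idea raised in the message above, as an added example (not part of the original post and not Tor Project code): it records a SHA-256 and permission baseline of a browser directory, then reports files that were added, removed or modified. The script name, function names and command-line arguments are assumptions made for illustration.

```python
import hashlib
import json
import os
import stat
import sys


def snapshot(root):
    """Map each regular file under root to its SHA-256 digest and mode bits."""
    result = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)
            if not stat.S_ISREG(st.st_mode):
                continue  # skip symlinks, sockets and other non-regular files
            h = hashlib.sha256()
            with open(path, "rb") as fh:
                for chunk in iter(lambda: fh.read(65536), b""):
                    h.update(chunk)
            rel = os.path.relpath(path, root)
            result[rel] = {"sha256": h.hexdigest(), "mode": stat.S_IMODE(st.st_mode)}
    return result


def compare(baseline, current):
    """Return sorted lists of added, removed and modified relative paths."""
    added = sorted(set(current) - set(baseline))
    removed = sorted(set(baseline) - set(current))
    # "modified" covers both content changes and permission changes
    modified = sorted(p for p in set(baseline) & set(current) if baseline[p] != current[p])
    return {"added": added, "removed": removed, "modified": modified}


if __name__ == "__main__":
    # Hypothetical usage: checker.py init|check <browser_dir> <baseline.json>
    if len(sys.argv) != 4 or sys.argv[1] not in ("init", "check"):
        sys.exit("usage: checker.py init|check <browser_dir> <baseline.json>")
    action, root, baseline_path = sys.argv[1:]
    if action == "init":
        with open(baseline_path, "w") as fh:
            json.dump(snapshot(root), fh, indent=1)
    else:
        with open(baseline_path) as fh:
            report = compare(json.load(fh), snapshot(root))
        print(json.dumps(report, indent=1))
        sys.exit(1 if any(report.values()) else 0)
```

The baseline only helps if it is stored where the browsing account cannot write, and it has to be regenerated after each legitimate update; profile data that changes during normal use should be left out of the checked directory.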