Project

General

Profile

Bug #15717

Feature #15023: Upgrade to Tor Browser based on Firefox ESR60

Firefox' "Web Content" processes are not confined as strictly as they used to

Added by intrigeri over 1 year ago. Updated over 1 year ago.

Status:
Resolved
Priority:
Normal
Assignee:
-
Category:
-
Target version:
Start date:
07/05/2018
Due date:
% Done:

100%

Feature Branch:
Type of work:
Code
Blueprint:
Starter:
Affected tool:
Browser

Description

Previously they would run under their own, stricter AppArmor profile (torbrowser_plugin_container) but they're not a different binary anymore: Firefox now calls its own binary to start a new Web Content process, so these processes run under the torbrowser_firefox profile.


Related issues

Related to Tails - Bug #12679: Sandbox Tor Browser's content renderer processes more strictly Resolved 06/10/2017
Blocks Tails - Feature #15334: Core work 2018Q3: Foundations Team Resolved 02/20/2018

Associated revisions

Revision f6627223 (diff)
Added by intrigeri over 1 year ago

AppArmor: give the Tor Browser "Web Content" process access to the system-wide webext directory (refs: #15717)

… otherwise uBlock cannot be loaded once we confine these processes under their
own AppArmor profile.

History

#1 Updated by intrigeri over 1 year ago

  • Related to Bug #12679: Sandbox Tor Browser's content renderer processes more strictly added

#2 Updated by intrigeri over 1 year ago

#3 Updated by intrigeri over 1 year ago

  • Status changed from Confirmed to Resolved
  • % Done changed from 0 to 100

#4 Updated by intrigeri over 1 year ago

  • Assignee deleted (intrigeri)
  • Type of work changed from Research to Code

Also available in: Atom PDF