Author: Jacob Appelbaum Date: To: The Tails public development discussion list Subject: Re: [Tails-dev] What to do about I2P in Tails?
On 7/27/14, intrigeri <intrigeri@???> wrote: > Hi,
>
>> On 7/26/14, sajolida@??? <sajolida@???> wrote:
>>> Regarding the "when", if we decide to do a first temporary step by
>>> having an "i2p" boot option instead of an option in the Greeter, then we
>>> don't have to wait for the new Greeter... It feels a bit like going
>>> backward regarding our plans on the Greeter but we've been doing that
>>> for truecrypt forever and the doc is ready...
>
> Agreed, this looks like a good short-term plan, thanks!
>
I think I've said it previously but I also agree.
>>> That could be ready for Tails 1.1.1, no?
>
> Yes. I think all it takes is adapting the doc + writing a live-config
> hook that adds enable the needed credentials in sudoers, and makes the
> I2P launcher visible. Anyone willing to give it a try? I'd be happy to
> provide guidance and advice.
I'd be happy to test it, once I manage to get the ISO build working (
eg: #7661 ).
>
> Jacob Appelbaum wrote (27 Jul 2014 01:57:23 GMT) :
>> I wonder though if that also means that the firewall would be locked
>> down by default?
>
> I'm still not convince this buys us much (escalating privs to a user
> that has no running service, in order to benefit from its special
> firewall exceptions, doesn't seem so easy), *but*: if someone does the
> additional work, and if the changes are not too risky and invasive for
> a point-release, then it does seem possible, yes :)
>
If we remove the i2p sudo rule, I'd probably agree that it doesn't buy
us too much. My concern is people jumping between users after the
system is fully booted.