Re: [Tails-dev] What to do about I2P in Tails?

Delete this message

Reply to this message
Author: Jacob Appelbaum
Date:  
To: The Tails public development discussion list
Subject: Re: [Tails-dev] What to do about I2P in Tails?
On 7/27/14, intrigeri <intrigeri@???> wrote:
> Hi,
>
>> On 7/26/14, sajolida@??? <sajolida@???> wrote:
>>> Regarding the "when", if we decide to do a first temporary step by
>>> having an "i2p" boot option instead of an option in the Greeter, then we
>>> don't have to wait for the new Greeter... It feels a bit like going
>>> backward regarding our plans on the Greeter but we've been doing that
>>> for truecrypt forever and the doc is ready...
>
> Agreed, this looks like a good short-term plan, thanks!
>


I think I've said it previously but I also agree.

>>> That could be ready for Tails 1.1.1, no?
>
> Yes. I think all it takes is adapting the doc + writing a live-config
> hook that adds enable the needed credentials in sudoers, and makes the
> I2P launcher visible. Anyone willing to give it a try? I'd be happy to
> provide guidance and advice.


I'd be happy to test it, once I manage to get the ISO build working (
eg: #7661 ).

>
> Jacob Appelbaum wrote (27 Jul 2014 01:57:23 GMT) :
>> I wonder though if that also means that the firewall would be locked
>> down by default?
>
> I'm still not convince this buys us much (escalating privs to a user
> that has no running service, in order to benefit from its special
> firewall exceptions, doesn't seem so easy), *but*: if someone does the
> additional work, and if the changes are not too risky and invasive for
> a point-release, then it does seem possible, yes :)
>


If we remove the i2p sudo rule, I'd probably agree that it doesn't buy
us too much. My concern is people jumping between users after the
system is fully booted.

All the best,
Jacob