Re: [Tails-dev] I2P isolation vs usability

Delete this message

Reply to this message
Author: sajolida
Date:  
To: The Tails public development discussion list
Subject: Re: [Tails-dev] I2P isolation vs usability
intrigeri:
> My short-term plan is to allow the Tor Browser to read/write from/to
> one special directory in $HOME (likely: "Downloads"). I guess the same
> trick could be used for the I2P Browser: we could bind-mount
> a directory from $HOME into the I2P Browser's chroot. I think these
> two directories should be different.


If we only bind a directory into that chroot, then we will face
ownership and permissions issues:

- The files copied by the amnesia user into this special folder will be
600 as by default and the special browser won't be able to access them.
- The files created by the special browser into this special folder will
be read-only by the amnesia user (unless we set a different umask for
the special browser).

--
sajolida