Re: [Tails-dev] Sandboxing Tor Browser: strategy for trackin…

Delete this message

Reply to this message
Author: intrigeri
Date:  
To: The Tails public development discussion list
Subject: Re: [Tails-dev] Sandboxing Tor Browser: strategy for tracking "upstream" AppArmor profile
Hi,

u wrote (24 Jan 2015 19:54:11 GMT) :
>> => I'm in favor of #1.


> Me too.


OK, I'll start preparing things in this direction, then.
(Not to say we can't revert to #2 or something else later,
so more input is still welcome until the end of the month :)

> Indeed, as I am co-maintaining torbrowser-launcher in Debian and work on
> AppArmor a lot these days, I can commit to track changes to the upstream
> profile.


Yay \o/

> Do you want to point me at the Tails-specific patch so I can see what we
> are talking about?


I'll do that once I have implemented it as a patch. In the meantime:
https://git-tails.immerda.ch/tails/tree/config/chroot_local-includes/etc/apparmor.d/torbrowser?h=feature/5525-sandbox-web-browser

> Anything else i should know or do?


So far, I don't think so. I'll soon ask for input on this web browser
sandboxing on tails-ux@ for other reasons (spoiler:
https://tails.boum.org/blueprint/sandbox_the_web_browser/#index3h1),
and I hope to send a call for testing in a next few days or, failing
that, February 6.

Cheers!
--
intrigeri