Re: [Tails-dev] Pip is not torified by default

This message is part of the following thread:
Mthe complete thread tree sorted by date
MPatrick at <-
MPatrick at ->
Delete this message

Reply to this message
Author: David A. Wheeler
Date:  
To: The Tails public development discussion list
Subject: Re: [Tails-dev] Pip is not torified by default


> On Jan 30, 2024, at 9:01 PM, Patrick <thinkpadx220@???> wrote:
>
> Pip requires torsocks to even work when it comes installing things through pip.
> Despite other binaries being set to use torsocks --isolate or set in their own config, pip is not set to use tor by default in tails.
> New users might not know that torsocks is required to launch many applications so they may get confused.
> pip install <example> hangs up (errors out) due to it unable to reach and even fetch things from pypi.org.
>
> Setting a global config for pip to use tor as a proxy would fix this and force pip to use tor.
>
>
> Creating a config file for pip to use globally:
>
> /etc/pip.conf or /etc/xdg/pip/pip.conf with this line:
>
> [global]
> proxy = socks5h:127.0.0.1:9050
>
> The only issue I can see with this is no stream isolation for pip.

You could get some stream isolation by adding a "username" with a value not used by other apps.
The file /usr/local/bin/curl shows how to create a random one each time.
That'd be hard to do in a pip.conf file, but even a "username" created once would create a different
stream compared to other applications on Tails, and that would provide *some* isolation.

--- David A. Wheeler
This message was posted to the following mailing lists:
tails-dev
Mailing List Info | Nearby Messages		<-[Tails-dev] Pip is not torified by defaultRe: [Tails-dev] Pip is not torified by default->
lists.autistici.org administrated by postmasterLurker (version 2.3)