Yawning Angel:
On Fri, 29 Sep 2017 06:01:00 +0000 Georg Koppen gk@torproject.org wrote:
Roger Dingledine:
On Fri, Sep 29, 2017 at 04:59:46AM +0000, Yawning Angel wrote:
Don't know. Depends on if people expect the alpha channel to be usable or not.
Well, I think assuming issues is okay but we should not leave it broken. Yawning, could you tag a new release? Then we can build a new sandboxed-tor-browser and put that out. Just falling back to an older version won't help.
Done.
It is true that the right thing for the Tor Browser team to do now is either to take down the alpha sandbox, because it is known to not work at all, or to put up a new updated one.
Leaving the current one in place is not among the reasonable options. :)
I tend to agree although I think we should avoid just taking it down as it is not totally broken in the sense that choosing any option would result in a non-working browser.
I mean, the stable channel works, which is what people should be using anyway, and it's not the first time that "oh, alpha is broken, and will be for a while" cropped up, so it could be left as is, though now that I tagged, if someone wants to rebuild they can.
Okay. The next alpha will be out in less than three weeks. Maybe that's enough and we point the sandbox alpha users (which run an experimental software in an experiemental sandbox) to the stable series?
However, the bug seems to be due to content sandboxing enabled (if I see that right) and my plan was to just ship the stable Linux series with that enabled in about three weeks if nothing explodes. That would leave sandboxed-tor-browser users on the stable series with the same experience with no way upgrading to 0.0.14 before 7.0.7 gets out. We might want to avoid that.
Constructive(?) suggestions for long term solutions:
- I've said previously what I think should happen so that everyone gets the sandbox. Doing so would remove this as a separate component, with a "new and improved" launcher also handling sandboxing duties. The QA situation presumably will be better in this sort of world, because breaking bugs will render the browser non-functional.
I am a fan. We just need to think how we get there.
- Decouple the sandboxed-tor-browser build/release from the alpha builds, so that the sandbox can be released after it's known to actually work with each new stable/alpha release.
We could think about that one, too. Although I would rather have a way to test those releases in sandboxed-tor-browser beforehand than adding complexity to our release process.
Georg
- (All other options involve varying degrees of "keep doing what we're doing now" and "give up on things". Not really a suggestion, more of an indication of what's likely.)
Regards,
tbb-dev mailing list tbb-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tbb-dev