Hi Yawning,
Thanks for bringing this up and thanks for your work on the sandbox. In my opinion, getting Tor Browser sandboxed should remain a high priority.

> A few months ago I sent a detailed list of what remains to be done, and a time estimate assuming someone was working full time. However, to be frank, I am increasingly uncertain as to whether doing the improvements (beyond the security/hardening ones) makes any sense because:
> - It is my belief that the current Tor Browser architecture is diametrically opposed to what is required for proper containerization.

Can you explain this a little further? Why are these diametrically opposed?

> While `sandboxed-tor-browser` makes a valiant effort, the approach is hampered and limited by what it has to work with, and it will forever be stuck reimplementing large chunks of functionality from Firefox, torbutton, and tor-launcher.

Are there any other approaches to sandboxing that you now think would be more practical?
Thanks, Arthur