Hello, I went and tagged because getting rid of `/proc` from the firefox container is big improvement both for security and fingerprinting resistance. Changes in version 0.0.9 - 2017-07-03: * Bug 22712: Suppress ATK Bridge initialization which will never work. * Bug 20773: Stop mounting /proc in the Tor Browser container. * Fix the build being broken on Debian Jessie due to #22648. * Remove the undocumented command line options that enable unsafe behavior. I had hoped to transition to using Tor Browser's built in AF_LOCAL support instead of LD_PRELOADing a stub that intercepts certain calls, but Tor Browser's (likely Firefox's) AF_LOCAL support is broken (https://trac.torproject.org/projects/tor/ticket/22794) so this won't happen till the next stable release after the bug is fixed at the earliest[0] Tested on Arch Linux, Fedora 25, Debian Jessie[1]. Regards, -- Yawning Angel [0]: What's the point of supporting AF_LOCAL if denying the creation of AF_INET sockets with seccomp-bpf renders the browser non-functional? [1]: I am aware that Stretch exists, but I can't be bothered updating my test VM. At least I tested it that target unlike the last release.