On 2/14/15 1:45 AM, Yawning Angel wrote:
Hi,
The Warning: DO NOT USE MY BRANCH YET, IT HAS HAD MINIMAL TESTING AND REVIEW. IT IS NOT DONE. IT WILL BROADCAST YOUR SECRETS TO THE NSA'S ORBITAL SPACE STATION.
Trac Ticket: https://trac.torproject.org/projects/tor/ticket/6411 Branch: https://github.com/Yawning/tor/compare/feature6411
I'm fine with the proposal.
That's an important part of a set of tickets designed to enable the use of a Tor integration without ever touching the filesystem within third party application and application controllers (such as TxTorCon/ORbot) .
This complement the already closed #13865 (https://trac.torproject.org/projects/tor/ticket/6411) and the yet-to-be-discussed #14899 (Enable Tor to work without using filesystem for cached files https://trac.torproject.org/projects/tor/ticket/14899).
When #6411 will be integrated and #14899 will be implemented: - Tor AppArmor profile can be imporved by completely disabling filesystem read/write (when integrated with a third part app) - Third party App can fully use Tor by keeping all it's configuration directive, keys (for TorHS) and caches (for descriptors/consensus) in the application database
Once all of that will be possible, we'll be able to make a 100% clean Tor integration into GlobaLeaks (that's undergoing an architecture refactor to have a master/slave process).