[tbb-bugs] #20691 [Applications/Tor Browser]: Updates are not getting properly applied when trying to update to 6.5a4(-hardened) on Linux

Tor Bug Tracker & Wiki blackhole at torproject.org
Thu Nov 17 15:26:48 UTC 2016


#20691: Updates are not getting properly applied when trying to update to
6.5a4(-hardened) on Linux
--------------------------------------+--------------------------
 Reporter:  gk                        |          Owner:  tbb-team
     Type:  defect                    |         Status:  new
 Priority:  Immediate                 |      Milestone:
Component:  Applications/Tor Browser  |        Version:
 Severity:  Critical                  |     Resolution:
 Keywords:  TorBrowserTeam201611      |  Actual Points:
Parent ID:                            |         Points:
 Reviewer:                            |        Sponsor:
--------------------------------------+--------------------------

Comment (by mcs):

 It is possible that we missed something, but after reading the updater and
 update service code, Kathy and I have concluded that the only workarounds
 are:
 * Users can set `app.update.staging.enabled` to false before attempting
 the update.
 * Users can disable the control port Unix domain socket by setting
 `extensions.torlauncher.control_port_use_socket` to false and restarting
 their browser before attempting the update.

 The other thing to think about is "what will happen during the next
 update, i.e., 6.5a4 to 6.5a5?" The answer is that updates may fail (since
 the 6.5a4 updater which we already shipped is flawed in the same way as
 the 6.5a3 one). There is some good news though: because of the fix for
 #20185, users who have XDG_RUNTIME_DIR set (most people?) will not
 encounter this bug because the Unix domain sockets will be outside of the
 TB installation directory.

 If XDG_RUNTIME_DIR is not set, similar workarounds will be needed for the
 6.5a4 to 6.5a5 update. Note that the "disable Unix domain socket" prefs in
 6.5a4 are `extensions.torlauncher.control_port_use_ipc` and
 `extensions.torlauncher.socks_port_use_ipc` (both would need to be set to
 false).

 There are also prefs that control the location of the Unix domain sockets;
 these could be used to ensure that the sockets are created somewhere
 outside of the installation directory.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/20691#comment:10>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tbb-bugs mailing list