[tbb-bugs] #20352 [Applications/Tor Browser]: Integrate sandboxed Tor Browser into our gitian build system

Tor Bug Tracker & Wiki blackhole at torproject.org
Thu Nov 24 00:32:24 UTC 2016

#20352: Integrate sandboxed Tor Browser into our gitian build system
 Reporter:  gk                                   |          Owner:  tbb-
                                                 |  team
     Type:  task                                 |         Status:
                                                 |  needs_review
 Priority:  High                                 |      Milestone:
Component:  Applications/Tor Browser             |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:  tbb-gitian, tbb-sandboxing,          |  Actual Points:
  GeorgKoppen201611, TorBrowserTeam201611R       |
Parent ID:  #19750                               |         Points:
 Reviewer:                                       |        Sponsor:

Comment (by yawning):

 Replying to [comment:13 mcs]:
 > One small data point: on an up-to-date Ubuntu stable (16.10) system, I
 saw this error message:
 >  Failed to launch Tor Browser: sandbox: bubblewrap appears to be older
 than 0.1.3;, you MUST upgrade.

 Yeah.  That's intentional.  Ubuntu has 0.1.2 (unpatched) which has a
 rather large security issue.  I filed a bug on launchpad that's currently
 being ignored, but past that I am opting for caution rather than
 compatibility on this one, especially since I can't easily disambiguate
 the unpatched vs patched versions of 0.1.2.

 Sorry. :(

 I've tested this on, or have had victims test on:

  * Arch Linux (amd64)
  * Debian stable (amd64/x86)
  * Fedora 24/25 (amd64)
  * OpenSuse Tumbleweed (amd64)

 All of those have up to date packages available (and in the case of Fedora
 25, it's preinstalled, giving the best out of the box experience).

Ticket URL: <https://trac.torproject.org/projects/tor/ticket/20352#comment:14>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tbb-bugs mailing list