[tbb-bugs] #21983 [Applications/Tor Browser]: Should we do more to discourage custom prefs and nonstandard addons?

Tor Bug Tracker & Wiki blackhole at torproject.org
Tue Apr 18 21:09:39 UTC 2017


#21983: Should we do more to discourage custom prefs and nonstandard addons?
-----------------------------------------+--------------------------
 Reporter:  arthuredelstein              |          Owner:  tbb-team
     Type:  defect                       |         Status:  new
 Priority:  Medium                       |      Milestone:
Component:  Applications/Tor Browser     |        Version:
 Severity:  Normal                       |     Resolution:
 Keywords:  tbb-usability, tbb-security  |  Actual Points:
Parent ID:                               |         Points:
 Reviewer:                               |        Sponsor:
-----------------------------------------+--------------------------
Changes (by yawning):

 * cc: yawning (added)


Comment:

 Maybe?

 For what it's worth, `sandboxed-tor-browser` uses a read-only extensions
 directory, unless the user explicitly configures it read/write.  It
 doesn't do anything with prefs, beyond locking certain prefs.

 In general my feeling is that if people want to reduce their anonymity
 set/get owned because they decied to installing random addons or setting
 placebo tinfoil hat prefs they copy-pasted off some blog/forum/whatever,
 they should be free to.

 I think a different question is, should we have something equivalent to
 `/proc/sys/kernel/tainted` so it's blatantly obvious that they voided
 their (non-existent) warranty when something breaks.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/21983#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tbb-bugs mailing list