[tbb-dev] Tor Browser self-updater vs. sandboxing

intrigeri intrigeri at boum.org
Mon Jun 30 16:24:26 UTC 2014


while discussing opportunities for increased cooperation between Tails
and Freepto [1] recently, I've mentioned the upcoming Tor Browser's
self-updater, and one of the Freepto developers rightly noted that
there may be a fundamental incompatibility between this updater, and
the desire to confine the browser in a sandbox. Indeed, it seems quite
clear to me that one of the important tasks such a sandbox should
fulfill would be... to avoid the confined program from
modifying itself.

It seems that supporting such sandboxes is part of your plans ([2],
[3]), so I'm curious: what's the TBB team's take on this problem?

[1] http://www.freepto.mx/
[2] https://trac.torproject.org/projects/tor/wiki/org/sponsors/SponsorP
[3] https://trac.torproject.org/projects/tor/ticket/5791


More information about the tbb-dev mailing list