[tbb-dev] So, about the Linux sandbox in the long term?
yawning at schwanenlied.me
Fri May 26 11:22:36 UTC 2017
I'm curious what the long term plans for the sandbox are, because as it
stands and unless I hear differently, the current status is something
along the lines of:
* I will poke at it if something really bothers me, and I have the
* I will fix bugs if something breaks for me.
* Someone submits well written patches, which I will review and merge,
if I like the patches.
nb: The "if I like the patches" clause is so that it doesn't turn
into a lisp interpreter masquerading as a text editor, that also
happens to launch a browser. This is also largely moot, check the
git history to see why.
A few months ago I sent a detailed list of what remains to be done, and
a time estimate assuming someone was working full time. However, to
be frank, I am increasingly uncertain as to if doing the improvements
(beyond the security/hardening ones) makes any sense because:
* It is my belief that the current Tor Browser architecture is
diametrically opposed to what is required for proper
While `sandboxed-tor-browser` makes a valiant effort, the approach
is hampered and limited by what it has to work with, and it will
forever be stuck reimplementing large chunks of functionality from
firefox, torbutton, and tor-launcher.
* I am a terrible UI programmer, and looking ahead, it will become
increasingly untenable for the sandbox code to chase the incoming
tor-launcher changes, in particular it is unlikely that I will be
willing or able to replicate the UI/UX improvements or the
circumvention auto-discovery feature.
It would be a colossal waste of resources to re-implement something
like "auto discover bridges".
So, if people have a better plan than "the only guaranteed maintenance
it gets is that it will get fixes when it breaks on Yawning's laptop,
or when people submit detailed bug reports that Yawning can fix in
spare time", I'm open to hearing them now.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 833 bytes
Desc: OpenPGP digital signature
More information about the tbb-dev