[tor-bugs] #4280 [Tor Browser]: build changes for TBB

Tor Bug Tracker & Wiki torproject-admin at torproject.org
Fri Oct 21 19:23:55 UTC 2011


#4280: build changes for TBB
-------------------------+--------------------------------------------------
 Reporter:  ioerror      |          Owner:  mikeperry
     Type:  defect       |         Status:  new      
 Priority:  normal       |      Milestone:           
Component:  Tor Browser  |        Version:           
 Keywords:               |         Parent:           
   Points:               |   Actualpoints:           
-------------------------+--------------------------------------------------

Comment(by ioerror):

 Replying to [comment:1 mikeperry]:
 > You already get arbitrary code long before you get to ctypes. As soon as
 you get any sort of JS running with XPCOM privs, it is game over.
 Disabling ctypes just makes it impossible for people to run addons like
 Moxie's Convergence in TBB. It's not terribly safe for them to do it
 anyway, but at least we should not require they rebuild TBB to test it and
 other addons for us.
 >

 That sounds like a good reason to disable it. We should aim to reduce
 object code and even functionality when we currently do not use it. I just
 imagine a user installing any old plugin thinking that it's safe - isn't
 that exactly what we want to avoid? We should only *support* as opposed to
 allow extensions that we have either audited or that we believe to be
 safe.

 > The WifiIO has similar uses in extensionland to detect network changes.
 And why is location data necessarily deanonymizing if you enable it
 temporarily in emergency situations while on the road? I've done this from
 time to time while traveling. It can be very handy.

 That seems pretty much like a freak chance that by allowing we'll see
 users screwed.

 >
 > Does it actually make the build smaller? If not, who cares? All of it is
 dealt with in extensionland via torbutton.

 Yeah, I think that it does.

 >
 > Disabling everything in two places just makes our job harder if we want
 to use that functionality later, or if users insist on testing new and
 exciting configurations for us.
 >

 I disagree that it makes our job harder. We have experimental builds for
 experiments and we have stable builds for stability, security and
 anonymity.

 > Nearly everything on this list is something we've contemplated using at
 one point or another, except strip, parental controls, and disk-cache. And
 does the disk-cache option really disable just the disk cache, or the
 memory cache too?

 According to the docs, I see no reason to enable those flags. YMMV. I
 think it's worth considering.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/4280#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list