[tor-bugs] #7008 [Tor bundles/installation]: Make it safe to run Flash in TBB
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Nov 21 11:18:51 UTC 2012
#7008: Make it safe to run Flash in TBB
--------------------------------------+-------------------------------------
Reporter: arma | Owner: mikeperry
Type: project | Status: new
Priority: normal | Milestone:
Component: Tor bundles/installation | Version:
Keywords: SponsorJ | Parent:
Points: | Actualpoints:
--------------------------------------+-------------------------------------
Comment(by trams):
Added example policy for flash that plays youtube and some other random
tests. This policy is not something that is viable for production, but
gives a fair idea of what flash needs to do.
Debugging is a bit tricky as ff happily hangs if plugin-container
misbehaves too much.
Open questions:
1. How much can flash affect the core browser via NPAPI? If NPAPI is too
liberal, we might need to contain the browser as well.
2. Does flash respect proxy settings? IF it does, we can replace
(allow network-outbound
(literal "/private/var/run/mDNSResponder")
(remote tcp "*:1935")
(remote tcp "*:443")
(remote tcp "*:80"))
With simply letting it talk to the tor socks, and nothing else, network
wise.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/7008#comment:6>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list