[tor-bugs] #13252 [Tor Browser]: Tor Browser on OS X should not store data into the application bundle

Tor Bug Tracker & Wiki blackhole at torproject.org
Mon Mar 14 15:56:49 UTC 2016 

#13252: Tor Browser on OS X should not store data into the application bundle
----------------------------------+--------------------------------
 Reporter:  torosx                |          Owner:  mcs
     Type:  defect                |         Status:  needs_revision
 Priority:  Medium                |      Milestone:
Component:  Tor Browser           |        Version:
 Severity:  Normal                |     Resolution:
 Keywords:  TorBrowserTeam201603  |  Actual Points:
Parent ID:  #6540                 |         Points:
 Reviewer:                        |        Sponsor:
----------------------------------+--------------------------------

Comment (by mcs):

 Replying to [comment:37 gk]:
 > [snip] Re the missing commit it looks good to me. I'd like to understand
 better the following, though:
 >
 > {{{
 > +        // Display an error alert and continue startup. Since XPCOM was
 > +        // initialized in a limited way inside ProfileErrorDialog() and
 > +        // because it cannot be reinitialized, use LaunchChild() to
 start
 > +        // the browser.
 > }}}
 > What exactly is happening in this case? What is the user experiencing? I
 assume no IP leakage? But what else?

 If this code path is followed (because migration of the old/existing
 profile failed), the user will see an error alert that looks like this:
 {{{
 Tor Browser Profile Problem

 Migration of your existing Tor Browser profile failed.
 New settings will be used.
 }}}

 After they click OK, the browser will appear to continue to start up, a
 new profile will be created, and they will see the language prompt or
 network settings wizard. To the user, it will be as if they downloaded a
 new copy of Tor Browser, although if they poke inside TorBrowser.app they
 can find an old TorBrowser/ directory that contains their old profile,
 their old Tor data directory, and their old UpdateInfo.

 Above I said "'''appear''' to continue to start up" because firefox is
 actually re-exec'd inside LaunchChild(). Doing so ensures a clean startup.
 This same technique is used by Mozilla whenever a dialog is displayed
 early on, e.g., there is a LaunchChild() call at the very end of
 ShowProfileManager() (profile picker dialog).

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/13252#comment:38>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list