[tor-bugs] #21939 [Applications/Tor Browser]: start-tor-browser.desktop hack will soon stop working

Tor Bug Tracker & Wiki blackhole at torproject.org
Thu Apr 13 19:35:07 UTC 2017


#21939: start-tor-browser.desktop hack will soon stop working
------------------------------------------+----------------------
     Reporter:  micahlee                  |      Owner:  tbb-team
         Type:  defect                    |     Status:  new
     Priority:  Medium                    |  Milestone:
    Component:  Applications/Tor Browser  |    Version:
     Severity:  Normal                    |   Keywords:
Actual Points:                            |  Parent ID:
       Points:                            |   Reviewer:
      Sponsor:                            |
------------------------------------------+----------------------
 The Linux version of Tor Browser is made more usable by a kind of hacky
 `start-tor-browser.desktop` file. Users can both execute it in a terminal
 to launch Tor Browser, and also double-click it from a GUI file manager
 like nautilus.

 However, `.desktop` files can be used to hide malware. See this upstream
 nautilus bug [1], which has already been resolved. Also see this blog post
 [2] for more about how this bug allows attackers to compromise Subgraph
 OS.

 Once this patch makes it to the versions of nautilus that Linux users have
 installed on their computers, the Tor Browser desktop file will break.
 Instead of saying "Tor Browser" with the Tor icon, it will say
 "start-tor-browser.desktop" with a default icon, and when the user tries
 double-clicking it, it will pop up an "Untrusted application launcher"
 warning that the user has to click through.

 One possible solution to this problem is to start distributing Tor Browser
 as a real Linux package that can be installed system-wide, with a
 `.desktop` file installed to `/usr/share/applications` like other
 software. I discussed this idea a bit in this thread [3].

 [1] https://bugzilla.gnome.org/show_bug.cgi?id=777991
 [2] https://micahflee.com/2017/04/breaking-the-security-model-of-subgraph-os/
 [3] https://lists.torproject.org/pipermail/tor-meeting/2017-March/000162.html

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/21939>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
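
A file manager that honours `Name=` and `Icon=` shows a `.desktop` launcher under those values rather than under its file name, which is the behaviour the ticket describes. The Python sketch below is an added example, not part of the ticket or of Tor Browser's code; it reports what a launcher displays versus what it is and runs. The sample launchers, paths, trusted-directory list and flag names are constructed assumptions.

```python
import configparser
import shlex
from pathlib import PurePosixPath

# Assumption: directories whose launchers the desktop treats as installed software.
TRUSTED_DIRS = {"/usr/share/applications", "/usr/local/share/applications"}
SHELLS = {"sh", "bash", "dash"}
DOC_SUFFIXES = {".pdf", ".odt", ".docx", ".txt", ".jpg", ".png"}

def inspect_launcher(path, text):
    """Compare what a file manager displays with what the launcher is and runs."""
    cp = configparser.RawConfigParser(strict=False, delimiters=("=",),
                                      comment_prefixes=("#",))
    cp.optionxform = str  # Desktop Entry keys are case-sensitive
    cp.read_string(text)
    entry = cp["Desktop Entry"]
    p = PurePosixPath(path)
    name, exec_line = entry.get("Name", ""), entry.get("Exec", "")
    try:
        argv = shlex.split(exec_line)
    except ValueError:          # unbalanced quotes: fall back to a plain split
        argv = exec_line.split()
    flags = []
    if str(p.parent) not in TRUSTED_DIRS:
        flags.append("outside-system-dirs")
        if name and name != p.name:
            flags.append("name-masks-filename")
        if PurePosixPath(name).suffix.lower() in DOC_SUFFIXES:
            flags.append("name-looks-like-document")
        if argv and PurePosixPath(argv[0]).name in SHELLS:
            flags.append("exec-via-shell")
    return {"file": p.name, "shown_as": name, "exec": exec_line, "flags": flags}

# Constructed samples (not the files shipped by any project).
BUNDLE = """[Desktop Entry]
Type=Application
Name=Tor Browser
Icon=tor-browser
Exec=sh -c "./Browser/start-tor-browser"
"""
DISGUISED = BUNDLE.replace("Tor Browser", "invoice.pdf").replace(
    "./Browser/start-tor-browser", "echo constructed-placeholder")
PACKAGED = BUNDLE.replace('sh -c "./Browser/start-tor-browser"', "/usr/bin/torbrowser")

if __name__ == "__main__":
    for path, text in [("/home/user/tor-browser/start-tor-browser.desktop", BUNDLE),
                       ("/home/user/Downloads/invoice.desktop", DISGUISED),
                       ("/usr/share/applications/torbrowser.desktop", PACKAGED)]:
        print(inspect_launcher(path, text))
```

The bundled-style launcher and the disguised one share the same core flags, so a file manager cannot tell them apart by content alone; only the copy under a system application directory comes back clean.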

