[tor-bugs] #22910 [Applications/Tor Browser Sandbox]: Deprecate the volatile extension dir options (was: Deprecate the extra codecs/volatile extension dir options)
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sat Jul 15 04:54:59 UTC 2017
#22910: Deprecate the volatile extension dir options
----------------------------------------------+--------------------------
Reporter: yawning | Owner: yawning
Type: enhancement | Status: accepted
Priority: Medium | Milestone:
Component: Applications/Tor Browser Sandbox | Version:
Severity: Normal | Resolution:
Keywords: | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
----------------------------------------------+--------------------------
Old description:
> Having massive "foot + gun" options in general is bad practice.
>
> The extra codecs will expose ffmpeg to the browser container, which is a
> concrete increase in attack surface for questionable gain (gstreamer is
> never allowed).
>
> The volatile extension dir gives firefox more write access than what
> anyone that's vaguely security conscious should be comfortable with, to
> critical browser components, and there's the ongoing `about:addons`
> fisasco.
New description:
Having massive "foot + gun" options in general is bad practice.
~~~The extra codecs will expose ffmpeg to the browser container, which is
a concrete increase in attack surface for questionable gain (gstreamer is
never allowed).~~~
The volatile extension dir gives firefox more write access than what
anyone that's vaguely security conscious should be comfortable with, to
critical browser components, and there's the ongoing `about:addons`
fisasco.
--
Comment (by yawning):
The extra codec deprecation is now #22933, and this ticket is fixed in
master.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/22910#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list