[tor-bugs] #21940 [Applications/Tor Browser]: OSX updater: consider disabling privilege escalation

Tor Bug Tracker & Wiki blackhole at torproject.org
Thu May 11 20:43:44 UTC 2017 

#21940: OSX updater: consider disabling privilege escalation
-------------------------------------------------+-------------------------
 Reporter:  mcs                                  |          Owner:  mcs
     Type:  defect                               |         Status:
                                                 |  needs_review
 Priority:  Medium                               |      Milestone:
Component:  Applications/Tor Browser             |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:  ff52-esr, tbb-7.0-must,              |  Actual Points:
  TorBrowserTeam201705R                          |
Parent ID:                                       |         Points:
 Reviewer:                                       |        Sponsor:
-------------------------------------------------+-------------------------

Comment (by linda):

 > Usability aspect here is that many users want to make TBB the default
 web browser, also to make it more secure to open web content from any app,
 and as a part of that, there is the need to install TBB as usual app,
 usually to the default location which usually needs admin privileges on
 any OS.

 I don't think that there is a usability issue here, but that it is a
 security issue that the browser team will make a decision on. A decision
 can be made without my consultation.

 The average internet user (which is different from the average Tor user)
 will likely not know the difference between an application requiring admin
 privileges or not, and will not notice if it does request it. They just
 want to install the thing so that they can use it. Unless it requires a
 different installation pattern than everything they are used to, I don't
 think they will notice.

 Generally, I think we should still do what is best in terms of security.

 (I would like to clarify that "if we de-escalate then things will break
 and we need to fix them" != a usability issue, that's just technical work
 as a result of decisions made. Also "a decision that will have security
 implications" != a usability issue (even if people have preferences over
 it, and if you honor those preferences. I think that's just catering to
 the right userbase. A usability issue is when everything is technically
 working fine, and people still have a hard time using it--i.e. when tor
 launcher asks a user to choose bridges but they don't know what they are
 and choose randomly.)

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/21940#comment:10>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list