[tor-bugs] #28513 [Applications/Tor Browser]: Change SessionStore so it doesn't violate disk avoidence goal
Tor Bug Tracker & Wiki
blackhole at torproject.org
Mon Nov 19 03:31:45 UTC 2018
#28513: Change SessionStore so it doesn't violate disk avoidence goal
------------------------------------------+----------------------
Reporter: sysrqb | Owner: tbb-team
Type: defect | Status: new
Priority: Medium | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Normal | Keywords:
Actual Points: | Parent ID:
Points: | Reviewer:
Sponsor: |
------------------------------------------+----------------------
As another data point, following on #28507, we're also violating the disk
avoidance goal because Fennec saves information about open tabs (and
recently closed tabs) on disk in case the app is killed (see the
[https://gitweb.torproject.org/tor-
browser.git/tree/mobile/android/components/SessionStore.js?h=tor-
browser-60.3.0esr-8.5-1 SessionStore]). This allows for restoring the
browser state when the app is next opened.
I hesitate saying we should rip this out because if we want a usable
browser on Android, then we'll need something like this. If the app
doesn't save state, then when the user switches to another app Android may
kill the browser (because it is now running in the background) and the
user will lose their entire browser session.
Given the available options, I think we should keep the SessionStore
enabled and rely on the #28507 preferences for clearing saved state when
the user explicitly closes the app.
I think we can be a little clever with encrypting the session file on
disk, but it'll require some experimentation.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/28513>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list