Project

General

Profile

Feature #12226

Feature #12230: Release Tails Server Beta

Initial review of Tails Server implementation

Added by anonym 8 months ago. Updated about 1 month ago.

Status:
In Progress
Priority:
Normal
Assignee:
Category:
-
Target version:
Start date:
02/13/2017
Due date:
% Done:

20%

QA Check:
Feature Branch:
Type of work:
Code
Blueprint:
Easy:
Affected tool:
Server

History

#1 Updated by segfault 8 months ago

#2 Updated by anonym 8 months ago

  • Target version changed from Tails_2.11 to Tails_2.12

#3 Updated by anonym 6 months ago

  • Target version changed from Tails_2.12 to Tails_3.0

#4 Updated by segfault 6 months ago

#5 Updated by segfault 6 months ago

  • Parent task set to #12230

#6 Updated by anonym 6 months ago

  • Status changed from Confirmed to In Progress
  • % Done changed from 0 to 20

Currently Tails Server always starts the service before generating the onion address. Some services need the onion address for their configuration, so the order we do this (start the service, then generate the onion) won't working then. We need to either:

  • Separate the onion address generation part into a step of its own that we run before starting the service.
  • Introduce an option that starts the service after the onion address has been generated and published.
  • Simply switch the order so the service always is starter after the onion has been published. I don't really see a reason why this isn't the case. Was there a reason for the current order?

# XXX: The connection string is user controlled, but because subprocess
# handles escaping and quoting of arguments, this should still be secure.

The way you invoke Popen means exec() will be used, not the shell, so there is no escaping and quoting to worry about. I.e. you can kill this comment.


sudo -u "$RUN_AS_USER" /usr/local/sbin/tails-server $@

You'll want to quote $@ to retain the quoting of the parameters for the wrapped application.


@is_installed.setter
def is_installed(self, value):

It feels odd to have a setter with the is_-prefix. Not a blocker.

#7 Updated by anonym 5 months ago

  • Target version changed from Tails_3.0 to Tails_3.1

#8 Updated by anonym 2 months ago

  • Target version changed from Tails_3.1 to Tails_3.2

#9 Updated by intrigeri about 1 month ago

  • Affected tool set to Server

#10 Updated by intrigeri about 1 month ago

  • Target version changed from Tails_3.2 to Tails_3.3

Also available in: Atom PDF