Project

General

Profile

Bug #12679

Sandbox Tor Browser's content renderer processes more strictly

Added by intrigeri 3 months ago. Updated 12 days ago.

Status:
In Progress
Priority:
Normal
Assignee:
Category:
-
Target version:
Start date:
06/10/2017
Due date:
% Done:

30%

QA Check:
Feature Branch:
feature/12679-sandbox-firefox-content-renderers
Type of work:
Wait
Blueprint:
Easy:
Affected tool:
Browser

Description

Since we have enabled Electrolysis (e10s), we confine these processes in exactly the same way as the parent Firefox process. I'm pretty sure they could be confined much more strictly, without impacting UX whatsoever. And while we're at it, maybe some permissions we currently grant to the parent Firefox process are not needed anymore, as it does less work.


Related issues

Blocked by Tails - Feature #12653: Upstream changes to our Tor Browser 7.0 AppArmor profile Resolved 06/07/2017
Blocks Tails - Feature #13234: Core work 2017Q3: Foundations Team Confirmed 06/29/2017

Associated revisions

Revision 6e2ca1eb (diff)
Added by intrigeri 3 months ago

Import Tor Browser AppArmor profiles with stricter content rendering processes confinement (refs: #12679).

These profiles were taken from the
feature/12679-sandbox-firefox-content-renderers branch in our
torbrowser-launcher.git repository at commit
a86475a2565cbbbdf846248238ffb7f072bebed5, which is based on my
https://github.com/intrigeri/torbrowser-launcher/tree/apparmor-e10s branch at
commit 33502fa03669c009c4344eb825f1d58c95f1e929.

Note: we must not merge a branch with this commit as-is: once these profiles
have passed our own QA, I will submit a PR to torbrowser-launcher upstream, and
then they'll make it into Debian, and then we can revert this commit and replace
it with an updated
config/chroot_local-includes/usr/share/tails/torbrowser-AppArmor-profile.patch.

Revision c86c6eb4 (diff)
Added by intrigeri 3 months ago

Import Tor Browser AppArmor profiles with stricter content rendering processes confinement (refs: #12679).

These profiles were taken from the
feature/12679-sandbox-firefox-content-renderers branch in our
torbrowser-launcher.git repository at commit
807bd87e7ee51b179bbd7d394f57d939f314ae20, which is based on my
https://github.com/intrigeri/torbrowser-launcher/tree/apparmor-e10s branch at
commit 33502fa03669c009c4344eb825f1d58c95f1e929.

Note: we must not merge a branch with this commit as-is: once these profiles
have passed our own QA, I will submit a PR to torbrowser-launcher upstream, and
then they'll make it into Debian, and then we can revert this commit and replace
it with an updated
config/chroot_local-includes/usr/share/tails/torbrowser-AppArmor-profile.patch.

Revision 7623daa0 (diff)
Added by intrigeri 3 months ago

Add missing permissions to the torbrowser_plugin_container AppArmor profile (refs: #12679).

From the feature/12679-sandbox-firefox-content-renderers branch in our
torbrowser-launcher repository at
commit 9932f9c2f2417f91cb79483a53b293704cc4f38a.

Revision 1c603eb4 (diff)
Added by intrigeri 3 months ago

Update Tor Browser AppArmor profile (refs: #12679).

They come from the feature/12679-sandbox-firefox-content-renderers branch in our
torbrowser-launcher Git repo, at
commit f5ecf6452e77b25a2027f14fcc75c13fc23546d3.

Revision 59fcf762 (diff)
Added by intrigeri 3 months ago

Test suite: update Tor Browser tests to match current AppArmor confinement (refs: #12679).

History

#1 Updated by intrigeri 3 months ago

  • Blocked by Feature #12653: Upstream changes to our Tor Browser 7.0 AppArmor profile added

#2 Updated by intrigeri 3 months ago

(This blocking relationship is not exactly correct, but it would be nice to upstream our existing delta before adding some more.)

#3 Updated by intrigeri 3 months ago

  • Status changed from Confirmed to In Progress
  • % Done changed from 0 to 10

I have something that Works On My Machine™. Up-to-date info about it can be found on https://github.com/micahflee/torbrowser-launcher/issues/278.

#4 Updated by intrigeri 3 months ago

  • % Done changed from 10 to 20
  • Feature Branch set to feature/12679-sandbox-firefox-content-renderers

#5 Updated by intrigeri 3 months ago

It passed the subset of our test suite we run on Jenkins.

Next step: run all affected tests locally.

#6 Updated by intrigeri 3 months ago

  • % Done changed from 20 to 30

The branch now passes features/documentation.feature:4 features/localization.feature features/tor_enforcement.feature:15 features/tor_stream_isolation.feature:26 features/torified_browsing.feature features/unsafe_browser.feature locally. Next step: upstream my changes to tbl, and then wait for them to reach Debian sid, and then we can replace my hard-coded profiles in tails.git with a proper patch.

#7 Updated by intrigeri 3 months ago

  • Type of work changed from Code to Wait

#8 Updated by intrigeri 3 months ago

#10 Updated by intrigeri 18 days ago

  • Target version changed from Tails_3.2 to Tails_3.3

I'll ping again during next cycle.

#11 Updated by intrigeri 12 days ago

Pinged upstream, refreshed our branch so it's tested by Jenkins again.

Also available in: Atom PDF