Ensure Firefox's content sandboxing (Level 2) works
It's probably going to be enabled in Tor Browser 7.0.7 (that we likely won't ship) and 7.0.8 (that should in Tails 3.3): https://mailman.boum.org/pipermail/tails-dev/2017-September/011731.html
FWIW http://www.morbo.org/2017/11/linux-sandboxing-improvements-in.html is interesting (marginally for this ticket, but more for the one about upgrading to FF57 ESR, which I could not find).
- Status changed from Confirmed to Resolved
- Assignee deleted (
- % Done changed from 0 to 100
- QA Check set to Pass
Just like in the vanilla Tor Browser, our Tor Browser has
security.sandbox.content.level set to
2 (meaning) so we're good!
(Note: on my system I have the
firefox 58.0.1-1 Debian package installed, and it sets the level to 3, but that is from a change introduced in Firefox 57, so I can only assume Tor Browser will switch to it when bumping the ESR branch.)