Figure out how to sandbox meek in a sensible way.
|Reported by:||yawning||Owned by:||yawning|
|Component:||Applications/Tor Browser Sandbox||Version:|
Right now sandboxed-tor-browser does not support meek at all. This is suboptimal since it is popular.
There's two ways forward from my perspective:
- The correct fix would be to add code to spin up another sandbox container (since I do not think that even a neutered firefox process should live in the tor sandbox), for the meek helper firefox instance.
- The quick and dirty way would be to use meek_lite since obfs4proxy is allowed, and shipped versions contain the code. The downside is that it is even more distinct than meek usually is.