Opened 3 years ago

Closed 3 years ago

#21326 closed defect (fixed)

Sec. "Using a system-installed Tor process with Tor Browser" in start-tor-browser needs update

Reported by: cypherpunks
Owned by: tbb-team
Priority: Medium
Milestone:
Component: Applications/Tor Browser
Version:
Severity: Normal
Keywords: TorBrowserTeam201701R
Cc:
Actual Points:
Parent ID:
Points:
Reviewer:
Sponsor:

Description

Starting from TBB 6.5 the Sec. "Using a system-installed Tor process with Tor Browser" in start-tor-browser script is no longer valid. The old recommendations were:

# SETTING NAME VALUE
# extensions.torbutton.banned_ports [...],<SocksPort>,<ControlPort>
# extensions.torbutton.block_disk false
# extensions.torbutton.custom.socks_host 127.0.0.1
# extensions.torbutton.custom.socks_port <SocksPort>
# extensions.torbutton.inserted_button true
# extensions.torbutton.launch_warning false
# extensions.torbutton.loglevel 2
# extensions.torbutton.logmethod 0
# extensions.torbutton.settings_method custom
# extensions.torbutton.socks_port <SocksPort>
# extensions.torbutton.use_privoxy false
# extensions.torlauncher.control_port <ControlPort>
# extensions.torlauncher.loglevel 2
# extensions.torlauncher.logmethod 0
# extensions.torlauncher.prompt_at_startup false
# extensions.torlauncher.start_tor false

I cannot comment on torlauncher options, because I don't use tor launcher. As concerns torbutton options:

Instead of extensions.torbutton.banned_ports we now have the option network.security.ports.banned, don't we? If so, it should be replaced.

Option extensions.torbutton.block_disk is absent in about:config.

Instead of the old 6 options:
  extensions.torbutton.custom.socks_host
  extensions.torbutton.custom.socks_port
  extensions.torbutton.socks_host
  extensions.torbutton.socks_port
  network.proxy.socks
  network.proxy.socks_port
which had to be adjusted accordingly, we now have only network.proxy.socks and network.proxy.socks_port in about:config. So, these options should be used instead of the options extensions.torbutton.custom.socks_host, extensions.torbutton.custom.socks_port, and extensions.torbutton.socks_port in the start-tor-browser script.

Option extensions.torbutton.settings_method is absent in about:config; it seems to be no longer necessary.

Option extensions.torbutton.use_privoxy is absent in about:config.

Somebody should check the new configuration and these suggestions of mine.

If somebody is managing TBB with system-installed Tor without TBB access to ControlPort (Tor chains must be restarted manually when needed), now the configuration is pretty simple:

  1. Remove tor-launcher@torproject.org.xpi file.
  2. Start TBB: $ cd tor-browser_en-US/Browser ; ./start-tor-browser --debug
  3. Go to Edit -> Preferences -> Advanced -> Network. Change host and port for SOCKS proxy (if needed).
  4. Disable automatic updates in Edit -> Preferences -> Advanced -> Updates (if you check PGP signatures and update TBB manually).
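
An added example (not part of the ticket or of the start-tor-browser script): a small audit of a profile's preference file against the mapping proposed in the description above. It flags the extensions.torbutton.* preferences the ticket reports as gone, checks network.proxy.socks and network.proxy.socks_port against the system tor, and checks that the SocksPort and ControlPort appear in network.security.ports.banned. The function names are hypothetical, and the sample file contents and the ports 9050/9051 are constructed assumptions.

```python
import re

# Prefs the ticket reports as gone from about:config since TBB 6.5, mapped to
# the replacement it proposes (None: the ticket names no replacement).
OBSOLETE = {
    "extensions.torbutton.banned_ports": "network.security.ports.banned",
    "extensions.torbutton.custom.socks_host": "network.proxy.socks",
    "extensions.torbutton.custom.socks_port": "network.proxy.socks_port",
    "extensions.torbutton.socks_host": "network.proxy.socks",
    "extensions.torbutton.socks_port": "network.proxy.socks_port",
    "extensions.torbutton.block_disk": None,
    "extensions.torbutton.settings_method": None,
    "extensions.torbutton.use_privoxy": None,
}
PREF_RE = re.compile(r'^\s*user_pref\(\s*"([^"]+)"\s*,\s*(.+?)\s*\)\s*;\s*$', re.M)

def parse_prefs(text):
    """Parse user_pref("name", value); lines into {name: str | int | bool}."""
    prefs = {}
    for name, raw in PREF_RE.findall(text):  # comments and blanks never match
        if raw in ("true", "false"):
            prefs[name] = raw == "true"
        else:
            prefs[name] = int(raw) if raw.lstrip("-").isdigit() else raw.strip('"')
    return prefs

def audit(text, socks_host, socks_port, control_port):
    """Return findings for a profile meant to use a system-installed tor."""
    prefs, findings = parse_prefs(text), []
    for name in sorted(set(prefs) & set(OBSOLETE)):
        findings.append(f"obsolete: {name} -> {OBSOLETE[name] or 'no replacement'}")
    for name, want in (("network.proxy.socks", socks_host),
                       ("network.proxy.socks_port", socks_port)):
        if prefs.get(name) != want:
            findings.append(f"{name} is {prefs.get(name)!r}, expected {want!r}")
    banned = [p.strip() for p in str(prefs.get("network.security.ports.banned", "")).split(",")]
    for port in (socks_port, control_port):
        if str(port) not in banned:
            findings.append(f"port {port} not in network.security.ports.banned")
    return findings

# Constructed sample (not a real profile); 9050/9051 are assumed system tor ports.
SAMPLE = '''user_pref("extensions.torbutton.custom.socks_port", 9050);
user_pref("extensions.torbutton.use_privoxy", false);
user_pref("network.proxy.socks", "127.0.0.1");
user_pref("network.proxy.socks_port", 9150);
user_pref("network.security.ports.banned", "9050,9051,9150");'''
```

Calling `audit(SAMPLE, "127.0.0.1", 9050, 9051)` reports the two leftover torbutton preferences and the SOCKS port that still points at 9150 instead of the system tor's port.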

Change History (4)

comment:1 in reply to:  description Changed 3 years ago by mcs

Replying to cypherpunks:

> Somebody should check the new configuration and these suggestions of mine.

Thanks. I think what you suggested is correct. I will post a patch in a few minutes.

> If somebody is managing TBB with system-installed Tor without TBB access to ControlPort (Tor chains must be restarted manually when needed), now the configuration is pretty simple:
>
>   1. Remove tor-launcher@torproject.org.xpi file.
>   2. Start TBB: $ cd tor-browser_en-US/Browser ; ./start-tor-browser --debug
>   3. Go to Edit -> Preferences -> Advanced -> Network. Change host and port for SOCKS proxy (if needed).
>   4. Disable automatic updates in Edit -> Preferences -> Advanced -> Updates (if you check PGP signatures and update TBB manually).

I recommend that you not remove Tor Launcher; just disable it in the Add-ons Manager or add TOR_SKIP_LAUNCH=1 to the environment before starting Tor Browser (that way incremental automatic updates can be used if desired).

comment:2 Changed 3 years ago by mcs

Keywords: TorBrowserTeam201701R added; start-tor-browser removed
Status: new → needs_review

comment:3 Changed 3 years ago by cypherpunks

> And here is a patch for start-tor-browser

Thanks! It looks good.

> I recommend that you not remove Tor Launcher; just disable it in the Add-ons Manager or add TOR_SKIP_LAUNCH=1 to the environment before starting Tor Browser

The browser does not start if I do just this:

$ cd /path/to/tor-browser_en-US/Browser
$ TOR_SKIP_LAUNCH=1 ./start-tor-browser --debug

To get it started I need at least one extra option:

$ TOR_SKIP_LAUNCH=1 TOR_SKIP_CONTROLPORTTEST=1 ./start-tor-browser --debug

and then disable the tor-launcher add-on and fix the proxy settings. However, even after this fix tor-browser continues to send packets to 127.0.0.1:9151 at each restart (option TOR_SKIP_CONTROLPORTTEST doesn't prevent it). That's a minor thing, but it adds garbage to the logfiles of my firewall.

> (that way incremental automatic updates can be used if desired).

The main problem in my case is that the browser runs in a non-trusted environment in a separate VM which may be compromised. That's why any automatic updates may be compromised too. In order to avoid this compromise I do my update manually, with PGP signature checking, a refreshed clean VM, and disabled network access.

Last edited 3 years ago by cypherpunks

comment:4 Changed 3 years ago by gk

Resolution: fixed
Status: needs_review → closed

Applied to master, maint-6.5, and hardened-builds (commits 57fed3156c39a29d742a4f9a535edcea2cb733e0, a02be8d3897859489daaf07679f25088857d5bdb, and 46d7d6b7da4457bb60e2c69ddb79b5d17fa95ba1), thanks.
