State.tmp is not erased and it may contain sensitive information

This is not a bug, but can improve the TOR browser.

The TorBrowser\Browser\TorBrowser\Data\Tor\state.tmp is not erased when TOR exits, in my tests it was not even erased after rebooting the computer.

Trac:
Username: ric_sm

changed milestone to %Tor: unspecified

added component::core tor/tor delection file milestone::Tor: unspecified needs-analysis priority::medium reporter::ric_sm severity::normal status::needs-information temporary tor-client type::defect labels

Hrm, this could be a Tor bug actually...

Trac:
Component: Obfuscation to Applications/Tor Browser
Owner: N/A to tbb-team

state.tmp is produced by tor.

Don't we unlink state.tmp after writing state?

Trac:
Milestone: N/A to Tor: unspecified
Owner: tbb-team to N/A
Component: Applications/Tor Browser to Core Tor/Tor
Type: enhancement to defect
Status: new to assigned

We do! So I'm guessing the Tor Browser here was closed abruptly leaving that file there.

Is it really a problem that a state.tmp file is left behind? I assume it will be overwritten and removed the next time tor writes state?

Trac:
Cc: N/A to mcs

Yes we do...

    /* We always replace an existing temporary file if there is one. */
    open_flags |= O_CREAT|O_TRUNC;

So I think this can only be caused by clausing the Tor Browser abruptly at the exact time where the temp file existed but then it will get overwritten later on. The other possibility is that something went wrong with the rename() and then for some other reason the unlink() that we try to do on the temp file if the rename did fail. In that case, the log should have warnings.

@ric_sm, maybe you can open your Tor Browser in the console and look for those warnings?

Trac:
Status: assigned to needs_information

Trac:
Keywords: N/A deleted, temporary file delection tor-client needs-analysis added

moved to tpo/core/tor#21511 (closed)