Opened 15 months ago

Last modified 7 weeks ago

#25578 new enhancement

Package and distribute Tor Browser using Flatpak

Reported by: mjog Owned by: tbb-team
Priority: Medium Milestone:
Component: Applications/Tor Browser Version:
Severity: Normal Keywords:
Cc: intrigeri, anarcat Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

Please provide a Tor Browser package for Flatpak, and ideally publish it on Flathub. Aside from getting the added security benefit of the Flatpak sandbox, this will make it possible for normal people to install Tor Browser on Linux - the current binary tarball isn't great.

Child Tickets

Change History (7)

comment:1 Changed 15 months ago by gk

That's nothing we will spend time on in the foreseeable future. But if someone wants to try this out, feel free.

comment:2 Changed 8 months ago by rugk

I'd also +1 this here. As the OP mentioned the added sandbox/isolation won't hurt and you can easily distribute it yourself, too. It does not have to be on Flathub.

And Firefox itself is possible to run in flatpak, already. E.g. in https://gitlab.gnome.org/gbraad/flatpak-firefox there was some stuff, but it seems to be outdated.
https://firefox-flatpak.mojefedora.cz/ has some working Firefox packages. Since Firefox 62 it can also read files from other dirs than "~/Downloads" properly, see https://bugzilla.mozilla.org/show_bug.cgi?id=1490186. Thus it also does not need "host" permission or so, so files in the user's dir are protected.

comment:3 Changed 8 months ago by gk

That reminds me of https://flatkill.org/ which is talking about Flatpak security.

comment:4 Changed 8 months ago by mjog

flatkill

Tin-foil-hat drivel by the same kinds of people that dislike systemd because they can't imagine that a better way of doing something that isn't the way they've always done it.

Rejoiner: http://ramcq.net/2018/10/15/flatpak-sandbox-security/

comment:5 Changed 8 months ago by yawning

This really sucks to do because of the sub-optimal way that the various Tor components are integrated into Tor Browser. The flatpak model does not mesh well with Tor Browser currently shipping a user profile directory that is expected to be volatile.

There are various kludges that can be done to work around this, but more realistically the better solution is to solve #10760 among other things.

The protections provided by the sandbox would still be severely lacking because you would want to decouple the tor process and the firefox one, but at least it may improve the distribution situation.

comment:6 Changed 7 weeks ago by intrigeri

Cc: intrigeri added

comment:7 Changed 7 weeks ago by anarcat

Cc: anarcat added

available for testing.

Note: See TracTickets for help on using tickets.