Opened 2 years ago

Closed 2 years ago

#27407 closed defect (not a bug)

FireJail + TBB alpha breaks it

Reported by: bo0od Owned by: tbb-team
Priority: High Milestone:
Component: Applications/Tor Browser Version:
Severity: Normal Keywords:
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

Steps to produce it:

Testing environment: Debian

Install: FireJail

apt install firejail


Download: TBB alpha 8.0a10

commands to use:

(inside TBB launcher path)

firejail ./start-tor-browser.desktop    

(in case you are inside whonix)

firejail torbrowser    

(in case you download it from torbrowser-downloader)

firejail torbrowser-launcher         


Child Tickets

Attachments (1)

tbbbreak.png (23.0 KB) - added by bo0od 2 years ago.

Download all attachments as: .zip

Change History (14)

Changed 2 years ago by bo0od

Attachment: tbbbreak.png added

comment:1 Changed 2 years ago by gk

Severity: BlockerNormal
Status: newneeds_information

Does this happen with our first release candidate for 8.0 as well? (https://people.torproject.org/~boklm/builds/8.0-build2/)

Firefox 60.1.0esr works fine with FireJail? (You can test it by downloading a bundle from https://www.mozilla.org/en-US/firefox/organizations/all/)

Last edited 2 years ago by gk (previous) (diff)

comment:2 in reply to:  1 ; Changed 2 years ago by bo0od

Replying to gk:

Does this happen with our first release candidate for 8.0 as well? (https://people.torproject.org/~boklm/builds/8.0-build2/)

Firefox 60.1.0esr works fine with FireJail? (You can test it by downloading a bundle from https://www.mozilla.org/en-US/firefox/organizations/all/)

Both of them confirmed the same issue as above.

comment:3 in reply to:  description ; Changed 2 years ago by cypherpunks3

Replying to bo0od:

What does "breaks it" mean?

What does it print on the commandline?

Is this related to https://github.com/netblue30/firejail/issues/2027

comment:4 in reply to:  3 Changed 2 years ago by bo0od

Replying to cypherpunks3:

Replying to bo0od:

What does "breaks it" mean?

What does it print on the commandline?

Is this related to https://github.com/netblue30/firejail/issues/2027

i dont think its related. here is the commandline text:

user@user:~/Downloads/tor-browser-linux64-8.0a10_en-US/tor-browser_en-US$ firejail ./start-tor-browser.desktop 
Reading profile /etc/firejail/default.profile
Reading profile /etc/firejail/disable-common.inc
Reading profile /etc/firejail/disable-programs.inc
Reading profile /etc/firejail/disable-passwdmgr.inc

** Note: you can use --noprofile to disable default.profile **

Parent pid 3042, child pid 3043
Child process initialized
Launching './Browser/start-tor-browser --detach'...

and dont forget to check the uploaded image.

comment:5 in reply to:  2 ; Changed 2 years ago by gk

Replying to bo0od:

Replying to gk:

Does this happen with our first release candidate for 8.0 as well? (https://people.torproject.org/~boklm/builds/8.0-build2/)

Firefox 60.1.0esr works fine with FireJail? (You can test it by downloading a bundle from https://www.mozilla.org/en-US/firefox/organizations/all/)

Both of them confirmed the same issue as above.

That's a Firefox bug then. Or maybe it's not even that. Could you file an upstream bug at Mozilla's bug tracker (https://bugzilla.mozilla.org) linking back to it in this ticket? Does setting security.sandbox.content.level to something lower fix the problem?

comment:6 in reply to:  5 Changed 2 years ago by bo0od

Replying to gk:

Replying to bo0od:

Replying to gk:

Does this happen with our first release candidate for 8.0 as well? (https://people.torproject.org/~boklm/builds/8.0-build2/)

Firefox 60.1.0esr works fine with FireJail? (You can test it by downloading a bundle from https://www.mozilla.org/en-US/firefox/organizations/all/)

Both of them confirmed the same issue as above.

That's a Firefox bug then. Or maybe it's not even that. Could you file an upstream bug at Mozilla's bug tracker (https://bugzilla.mozilla.org) linking back to it in this ticket? Does setting security.sandbox.content.level to something lower fix the problem?

Alright here you go:

https://bugzilla.mozilla.org/show_bug.cgi?id=1488078

comment:7 Changed 2 years ago by traumschule

Tried to reproduce it with build2 but only see Tor Launcher with the "Tor unexpectedly exited." message without any message in the Clipboard. Output in the terminal is the same as in comment:4.

comment:8 Changed 2 years ago by bo0od

fuck this is even gone worst , now tbb 60 gone to the stable phase.

every default firejail profiles will break tbb.

comment:9 Changed 2 years ago by bo0od

according to FireJail upstream: firejail 0.9.54 fixed that issue.

https://github.com/netblue30/firejail/issues/2110

Last edited 2 years ago by bo0od (previous) (diff)

comment:10 Changed 2 years ago by bo0od

alright this is getting ugly , TBB SPECIFIC issue with firejail because even the new version couldnt fix TBB problem while FireFox works fine with the new firejail.(sadly it breaks every TBB stable&alpha)

in order to test new firejail new profiles, just install it from debian backports:

sudo su -c "echo -e 'deb http://http.debian.net/debian stretch-backports main contrib non-free' > /etc/apt/sources.list.d/backports.list"
sudo apt update
sudo apt -t stretch-backports install firejail

then run firejail according to the suitable platform environment as i mentioned in my topic.

if you want to remove firejail+debian backports:

sudo apt remove --purge firejail
sudo rm /etc/apt/sources.list.d/backports.list
Last edited 2 years ago by bo0od (previous) (diff)

comment:11 Changed 2 years ago by bo0od

according to the upstream they said to:

Fixes for tor browser aren't part of 0.9.54, they will be in 0.9.56. For now you may copy profiles manually:
https://github.com/netblue30/firejail/blob/master/etc/start-tor-browser.profile
https://github.com/netblue30/firejail/blob/master/etc/torbrowser-launcher.profile

comment:12 Changed 2 years ago by bo0od

New Ticket to fix FireJail with TBB 8.0.2:

https://github.com/netblue30/firejail/issues/2136

comment:13 Changed 2 years ago by gk

Resolution: not a bug
Status: needs_informationclosed

I don't think this is a bug in Tor Browser land.

Note: See TracTickets for help on using tickets.