Opened 20 months ago

Last modified 7 months ago

#29630 new defect

TorBrowser creates empty directory in "/tmp"

Reported by: AxelF Owned by: tbb-team
Priority: Medium Milestone:
Component: Applications/Tor Browser Version:
Severity: Normal Keywords: tbb-disk-leak, BugSmashFund
Cc: Actual Points: 0.2
Parent ID: Points:
Reviewer: Sponsor:

Description

I'm using the latest TBB on Linux.

After I start TorBrowser, the directory is created in temporary direcrory (in my case /tmp)

drwx------ 2 user user 4096 Mar 1 12:34 Temp-41d8a42b-5545-4af5-89c2-be2502af95c7

The directory is empty. After I close the TBB, this directory disappears. Not sure if it's OK behavior or not.

Child Tickets

Change History (5)

comment:1 Changed 20 months ago by gk

Keywords: tbb-disk-leak added

Not sure what is causing this behavior, but ideally there should be no (empty) directory created in /tmp I think.

comment:2 Changed 20 months ago by AxelF

I'm pretty sure it is created by Firefox, because more of such directories are being created when I start the regular Firefox.

comment:3 Changed 11 months ago by mcs

Keywords: BugSmashFund added

comment:4 Changed 7 months ago by mcs

Kathy and I spent a little time today on this issue. Two Temp-GUID directories are created and used by the browser's sandbox, and this issue exists on all platforms. See:
https://gitweb.torproject.org/tor-browser.git/tree/toolkit/xre/nsXREDirProvider.cpp?h=tor-browser-68.6.0esr-9.5-1-build2#n706

The base directory comes from https://gitweb.torproject.org/tor-browser.git/tree/toolkit/xre/nsXREDirProvider.cpp?h=tor-browser-68.6.0esr-9.5-1-build2#n616; on Windows it is NS_WIN_LOW_INTEGRITY_TEMP_BASE (aka "LowTmpDBase") and on Linux and macOS it is NS_OS_TEMP_DIR (aka "TmpD").

It is tempting to change the implementation in xpcom/io/nsDirectoryService.cpp that handles those two locations to return a base directory that is within the Tor Browser data directory. Kathy and I are not familiar enough with the sandboxing code and other uses of those directories to know what might break if we made such a change, but we could try it in and see. Proposed locations:

macOS: TorBrowser-Data/Browser/tmp/
Windows and Linux: Browser/TorBrowser/Data/Browser/tmp/

Another potential problem is that if the browser leaves any files behind in this new tmp directory they will not be cleaned up (unlike the OS temp directories, which will get cleaned up eventually). I suppose we could delete the contents of the tmp directory early in browser startup.

comment:5 Changed 7 months ago by mcs

Actual Points: 0.2
Note: See TracTickets for help on using tickets.