Opened 7 months ago

Last modified 7 months ago

#29790 needs_information task

Add build option to store profile in HOME directory

Reported by: boklm Owned by: tbb-team
Priority: Medium Milestone:
Component: Applications/Tor Browser Version:
Severity: Normal Keywords: tbb-security
Cc: brade, mcs Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

On Windows and Linux, we currently include the profile inside the Tor Browser bundle directory. However, this does not work if we want to install Tor Browser in a read-only directory (for instance somewhere in /usr).

We added the --enable-tor-browser-data-outside-app-dir option (which we currently use on macOS), to be able to store the profile in a TorBrowser-Data directory outside the bundle directory, to avoid codesigning issues on macOS. However, I think it is not currently possible to select where the TorBrowser-Data directory is located.

On the tor-packagers mailing list, Thomas Klausner suggested a patch to be able to store the profile in the HOME directory:
https://lists.torproject.org/pipermail/tor-packagers/2019-March/000060.html

However, I am not sure if the patch is enough, or if more things are needed to handle updates correctly.

Child Tickets

Change History (2)

comment:1 in reply to:  description Changed 7 months ago by cypherpunks

Keywords: tbb-security added

Replying to boklm:

On Windows and Linux, we currently include the profile inside the Tor Browser bundle directory. However, this does not work if we want to install Tor Browser in a read-only directory (for instance somewhere in /usr).

Hallelujah!

comment:2 Changed 7 months ago by mcs

Status: newneeds_information

A more complete solution involves fixing #20599. That said, Kathy and I have a few comments on the proposed patch:

  • Should a dot name be used instead of TorBrowser-Data, e.g., .torbrowser-data? Hiding by default seems nicer; on the other hand, hiding the directory would make it less obvious where the Tor-related user data is stored.
  • When TOR_BROWSER_DATA_OUTSIDE_APP_DIR is defined (currently only on macOS), the directory structure of the data area is a little different. For example, the Browser directory that contains the profile is directly under TorBrowser-Data/Browser/ while with the proposed simple patch there will be an extra Data directory, i.e., ~/TorBrowser-Data/Data/Browser/. This is not a big deal, but when we fix #20599 we will probably omit that extra directory.
  • Has meek been tested with this patch? I am asking because meek-client-torbrowser has knowledge of where browser profiles are located, and there is macOS-specific code to support the TOR_BROWSER_DATA_OUTSIDE_APP_DIR scenario.
  • There must be more to the solution that this patch. For example, how do browser profile files (including extensions such as Torbutton) as well as the other files that are under ./Browser/TorBrowser/Data/ get copied into ~/TorBrowser-Data? How are updates handled?
Note: See TracTickets for help on using tickets.