Skip to content

GitLab

  • Projects
  • Groups
  • Snippets
  • Help
    • Loading...
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in
Trac
Trac
  • Project overview
    • Project overview
    • Details
    • Activity
  • Issues 246
    • Issues 246
    • List
    • Boards
    • Labels
    • Service Desk
    • Milestones
  • Operations
    • Operations
    • Metrics
    • Incidents
  • Analytics
    • Analytics
    • Value Stream
  • Wiki
    • Wiki
  • Members
    • Members
  • Collapse sidebar
  • Activity
  • Create a new issue
  • Issue Boards

GitLab is used only for code review, issue tracking and project management. Canonical locations for source code are still https://gitweb.torproject.org/ https://git.torproject.org/ and git-rw.torproject.org.

  • Legacy
  • TracTrac
  • Issues
  • #3994

Closed (moved)
Open
Opened Sep 11, 2011 by Lunar@lunar

Get TorBrowser in Debian

Torbutton as pure Firefox extension is now deprecated. The project now advocates to use TorBrowserBundle instead.

For users of Debian (and its derivative, Tails being one of them), it would probably be good to offer a more streamlined experience and ship TorBrowser as a Debian package.

In order to preserve the anonymity set, this browser should work as close as possible to the one shipped in the TorBrowserBundle.

The Debian policy states that a package should not contain any embedded code copy. So simply shipping the result of TorBrowserBundle build is not an option.

Mike Hommey (maintainer of Iceweasel) and Moritz Muehlenhoff (from the security team) are both ok to create a iceweasel-src package that would contain the source files needed to build a patched Firefox. A Debian package could apply specific Tor patches on top of that to build something close to core TorBrowser.

The rest of the features are provided through Firefox extensions. TBB is currently shipped HTTPS-Everywhere, NoScript and Torbutton. All of these extensions are already in Debian.

Having TorBrowser installed system-wide do open a new class of problems, though:

  • Profiles should probably be saved in a different directory in user $HOME than Iceweasel or official Firefox.
  • The ideal way to deal with system-wide extensions would probably be that: a new profile would start with all system extensions disabled except for the one shipped in TBB. By going through the Add-ons panel, user could re-enable more of them (even those that could lead to anonymity breaches).

Once a tor-browser binary package is in Debian, we can also have it depend on Vidalia and have a TorBrowser icon start the later, like TBB does.

I hope I have not overlooked anything on the various issues involved…

To upload designs, you'll need to enable LFS and have admin enable hashed storage. More information
Assignee
Assign to
None
Milestone
None
Assign milestone
Time tracking
None
Due date
None
Reference: legacy/trac#3994