Tor Browser issueshttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues2022-01-11T19:31:56Zhttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/22067NoScript Click-to-Play bypass with embedded videos and audios2022-01-11T19:31:56ZTracNoScript Click-to-Play bypass with embedded videos and audiosNoscript does not block .webm playback on tor hidden services but plays them first and then blocks them after.
Example:
If you go to http://alokalaou53jmgum.onion/b/50927 and click on the 'homer-simpson webm' it will start playing di...Noscript does not block .webm playback on tor hidden services but plays them first and then blocks them after.
Example:
If you go to http://alokalaou53jmgum.onion/b/50927 and click on the 'homer-simpson webm' it will start playing directly after being clicked on even though Tor Browser is set to high security slider and this in 9/10 times.
Whereas if you open it directly it will block it 9/10 times.
http://alokalaou53jmgum.onion/src/M9Xjl/1486923637894.webm
This is present in at least Tor Browser 6.5.1 and 6.5.2 and probably on even older versions leaving users potentially in danger if it where to be a malicious .webm by not blocking it
**Trac**:
**Username**: samantharishttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/22027TBB sandbox 7.0a3 does not open2022-01-11T19:31:56ZTracTBB sandbox 7.0a3 does not openWhen I bootstrap tor in sandbox mode and then ./start-browser-with-sandbox I get multiple errors and tor browser bundle opens in a very small window and does not have any of the Add-ons installed, and does not work. I'm running macOS 10...When I bootstrap tor in sandbox mode and then ./start-browser-with-sandbox I get multiple errors and tor browser bundle opens in a very small window and does not have any of the Add-ons installed, and does not work. I'm running macOS 10.12.4 (16E195) tor browser bundle 7.0a3
Here are the errors I get in terminal
2017-04-20 15:55:23.373 firefox[7745:692727] kCFURLVolumeIsAutomountedKey missing for file://localhost/Volumes/Tor%20Browser/: The file “Tor Browser” couldn’t be opened because you don’t have permission to view it.
2017-04-20 15:55:23.374 firefox[7745:692727] kCFURLVolumeNameKey missing for file://localhost/Volumes/MobileBackups/: The file “MobileBackups” couldn’t be opened because you don’t have permission to view it.
2017-04-20 15:55:23.374 firefox[7745:692727] kCFURLVolumeIsAutomountedKey missing for file://localhost/Volumes/MobileBackups/: The file “MobileBackups” couldn’t be opened because you don’t have permission to view it.
1492728923800 addons.xpi-utils ERROR Unable to read anything useful from the database
[Parent 7745] WARNING: parent WaitForMessage() failed: 0x10004003 (ipc/rcv) timed out: file /home/debian/build/tor-browser/ipc/glue/GeckoChildProcessHost.cpp, line 958
[Parent 7745] WARNING: Failed to launch tab subprocess: file /home/debian/build/tor-browser/ipc/glue/GeckoChildProcessHost.cpp, line 576
[Parent 7745] WARNING: parent WaitForMessage() failed: 0x10004003 (ipc/rcv) timed out: file /home/debian/build/tor-browser/ipc/glue/GeckoChildProcessHost.cpp, line 958
[Parent 7745] WARNING: Failed to launch tab subprocess: file /home/debian/build/tor-browser/ipc/glue/GeckoChildProcessHost.cpp, line 576
1492728945600 addons.xpi WARN Attempting to activate an already active default theme
1492728945600 addons.xpi WARN Attempting to activate an already active default theme
**Trac**:
**Username**: Dbryrtfbcbhgfhttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/22000update OSX browser sandbox profile for e10s2022-07-12T23:33:44ZKathleen Bradeupdate OSX browser sandbox profile for e10sFor compatibility with e10s, the TB.sb file needs to be updated to allow creation of content processes.For compatibility with e10s, the TB.sb file needs to be updated to allow creation of content processes.https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/21983Should we do more to discourage custom prefs and nonstandard addons?2022-06-21T22:07:11ZArthur EdelsteinShould we do more to discourage custom prefs and nonstandard addons?We make some effort to discourage users from setting nonstandard prefs in Tor Browser, or installing 3rd-party extensions/plugins. But maybe we can do more? For example, should we pop up a warning about deanonymization when users first a...We make some effort to discourage users from setting nonstandard prefs in Tor Browser, or installing 3rd-party extensions/plugins. But maybe we can do more? For example, should we pop up a warning about deanonymization when users first attempt to modify a pref or install an addon? And if users click past that warning, should be periodically pop up warnings in the future to let users know they have nonstandard prefs or a nonstandard addon installed?https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/21908Tor Browser breaks response headers sometimes2022-06-21T21:57:01ZcypherpunksTor Browser breaks response headers sometimesThere are
```
Public-Key-Pins: An unknown error occurred processing the header specified by the site.
```
on
https://check.torproject.org/torcheck/img/tor-on.png
or
https://trac.torproject.org/projects/tor/ticket/21886
sometimes.
The rea...There are
```
Public-Key-Pins: An unknown error occurred processing the header specified by the site.
```
on
https://check.torproject.org/torcheck/img/tor-on.png
or
https://trac.torproject.org/projects/tor/ticket/21886
sometimes.
The reason seems to be related to legacy/trac#21627.https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/21656Add "low cost" hardening build flags to OS X2022-01-11T19:31:55ZArthur EdelsteinAdd "low cost" hardening build flags to OS XI would propose including the following flags in our OS X clang build:
```
-Werror=format
-Werror=format-security
-fstack-protector-strong
-pie
-fPIE (already there)
-D_FORTIFY_SOURCE=2 -O1
-Wl,-z,relro,-z,now
```I would propose including the following flags in our OS X clang build:
```
-Werror=format
-Werror=format-security
-fstack-protector-strong
-pie
-fPIE (already there)
-D_FORTIFY_SOURCE=2 -O1
-Wl,-z,relro,-z,now
```https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/21617RWX page observed on Windows2022-01-11T19:31:55ZArthur EdelsteinRWX page observed on WindowsWith the legacy/trac#21514 patch applied, I observed a single RWX page on Windows. It would be good to track this down and fix it.With the legacy/trac#21514 patch applied, I observed a single RWX page on Windows. It would be good to track this down and fix it.https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/21395can not run torbrowser sandbox2022-01-11T19:32:15ZTraccan not run torbrowser sandboxevery time I try to run torbrowser sandbox in macOS 10.12.4 Beta (16E144f) I get the error below. I followed all the directions in the readme file, and still gives me the same error.
torbrowser 7.0a1
Referenced from: /Users/'my userna...every time I try to run torbrowser sandbox in macOS 10.12.4 Beta (16E144f) I get the error below. I followed all the directions in the readme file, and still gives me the same error.
torbrowser 7.0a1
Referenced from: /Users/'my username removed'/Desktop/tor beta/Sandboxed Tor Browser/TorBrowser.app/./Contents/MacOS/firefox
Reason: no suitable image found. Did find:
file system sandbox blocked open() of '/usr/lib/libstdc++.6.dylib'
file system sandbox blocked open() of '/usr/lib/libstdc++.6.dylib'
./start-browser-with-sandbox: line 24: 3149 Abort trap: 6 sandbox-exec -f "$SB_PROFILE" -D "HOME_DIR=$HOME" -D "CURRENT_DIR=$BASEDIR" -D "TORBROWSER_APP_DIR=$TORBROWSER_APP_DIR" -D "TORBROWSER_DATA_DIR=$TORBROWSER_DATA_DIR" "./Contents/MacOS/firefox"
**Trac**:
**Username**: Dbryrtfbcbhgfhttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/21034Per site security settings?2022-11-29T14:01:13ZArthur EdelsteinPer site security settings?It would be useful (and perhaps safer) to have per-site security settings rather than browser-wide security settings. Also we might want to enforce different security settings for http vs https.
In Firefox 52, with e10s enabled, perhaps...It would be useful (and perhaps safer) to have per-site security settings rather than browser-wide security settings. Also we might want to enforce different security settings for http vs https.
In Firefox 52, with e10s enabled, perhaps we can use separate content processes for every first-party and apply different security settings prefs separately to each one.https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/21009sandboxed OSX browser hangs if printing is attempted2022-07-12T21:19:57ZTracsandboxed OSX browser hangs if printing is attemptedThe macOS sandbox tor browser will crash/become unresponsive when you try to print any page using command P or using the menu bar. TorBrowser-6.5a6-osx64_en-US
**Trac**:
**Username**: DbryrtfbcbhgfThe macOS sandbox tor browser will crash/become unresponsive when you try to print any page using command P or using the menu bar. TorBrowser-6.5a6-osx64_en-US
**Trac**:
**Username**: Dbryrtfbcbhgfhttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/20998Partition Tor Browser heap with jemalloc2022-01-11T19:32:15ZGeorg KoppenPartition Tor Browser heap with jemallocWe should investigate performance and robustness of a partitioned heap using jemalloc4. Some links to get started:
http://ggp.name/2014/10/15/Partitioned-heap-in-Firefox-pt1.html
http://ggp.name/2015/03/03/Partitioned-heap-in-Firefox-pt...We should investigate performance and robustness of a partitioned heap using jemalloc4. Some links to get started:
http://ggp.name/2014/10/15/Partitioned-heap-in-Firefox-pt1.html
http://ggp.name/2015/03/03/Partitioned-heap-in-Firefox-pt2.html
And tjr's summary:
https://lists.torproject.org/pipermail/tbb-dev/2015-October/000309.html
One thing worth considering is whether it should be random partitions or not.https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/20989browser sandbox profile too restrictive on OSX 10.12.22022-01-11T19:32:14ZMark Smithbrowser sandbox profile too restrictive on OSX 10.12.2A user reported via a blog comment that the browser fails to start via ./start-browser-with-sandbox on OSX 10.2.2. See:
https://blog.torproject.org/blog/tor-browser-65a6-released#comment-225250
As I commented on the blog, moving the lin...A user reported via a blog comment that the browser fails to start via ./start-browser-with-sandbox on OSX 10.2.2. See:
https://blog.torproject.org/blog/tor-browser-65a6-released#comment-225250
As I commented on the blog, moving the line that reads `(subpath "/usr/lib")` within tb.sb from the `(allow file-read-metadata ... )` section to the `(allow file-read* ...)` section seems to fix the problem.https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/20957Get DieHarder working with Tor Browser2022-07-12T21:15:53ZArthur EdelsteinGet DieHarder working with Tor BrowserThe [DieHarder memory allocator](https://emeryberger.com/research/dieharder/) looks like a possible hardening measure for Tor Browser. We should try to get it working, and evaluate it for performance, effectiveness and suitability.The [DieHarder memory allocator](https://emeryberger.com/research/dieharder/) looks like a possible hardening measure for Tor Browser. We should try to get it working, and evaluate it for performance, effectiveness and suitability.https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/20848Integrate selfrando into 32bit Linux alpha bundles2022-01-11T19:32:14ZGeorg KoppenIntegrate selfrando into 32bit Linux alpha bundleslegacy/trac#20683 integrates selfrando into 64bit builds. We needed to move the integration into 32bit Linux bundles to an own ticket as that architecture was not properly supported.legacy/trac#20683 integrates selfrando into 64bit builds. We needed to move the integration into 32bit Linux bundles to an own ticket as that architecture was not properly supported.https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/20683Integrate selfrando into the alpha Linux 64bit builds2022-01-11T19:32:14ZGeorg KoppenIntegrate selfrando into the alpha Linux 64bit buildsWe are currently shipping selfrando in our hardened builds. We should include it into our regular alphas to give it a wider test audience.We are currently shipping selfrando in our hardened builds. We should include it into our regular alphas to give it a wider test audience.https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/20682Document differences between alpha and hardened Tor Browser series2022-01-11T19:32:14ZGeorg KoppenDocument differences between alpha and hardened Tor Browser seriesWe should document the differences between the alpha and the hardened Tor Browser series (better). So far we only have https://lists.torproject.org/pipermail/tbb-dev/2016-June/000382.html.We should document the differences between the alpha and the hardened Tor Browser series (better). So far we only have https://lists.torproject.org/pipermail/tbb-dev/2016-June/000382.html.https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/20441Backport missing unix domain socket bug fix (bug 1311044)2022-01-11T19:32:14ZGeorg KoppenBackport missing unix domain socket bug fix (bug 1311044)While testing the fix for legacy/trac#20111 we encountered another bug in Firefox' unix domain socket support. This got fixed in bug 1311044 (https://hg.mozilla.org/mozilla-central/rev/df49275ec24c) and we should backport that one.While testing the fix for legacy/trac#20111 we encountered another bug in Firefox' unix domain socket support. This got fixed in bug 1311044 (https://hg.mozilla.org/mozilla-central/rev/df49275ec24c) and we should backport that one.https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/20439The firefox binary in Tor Browser on OSX is not PIE2022-01-11T19:32:14ZboklmThe firefox binary in Tor Browser on OSX is not PIE`otool -hv` says that the firefox binary from Tor Browser on OSX is not PIE:
```
$ otool -hv firefox
firefox:
Mach header
magic cputype cpusubtype caps filetype ncmds sizeofcmds flags
MH_MAGIC_64 X86_64 ALL LIB64 ...`otool -hv` says that the firefox binary from Tor Browser on OSX is not PIE:
```
$ otool -hv firefox
firefox:
Mach header
magic cputype cpusubtype caps filetype ncmds sizeofcmds flags
MH_MAGIC_64 X86_64 ALL LIB64 EXECUTE 22 2752 NOUNDEFS DYLDLINK TWOLEVEL BINDS_TO_WEAK
```
While on the firefox binary from Mozilla, it says this:
```
$ otool -hv /Volumes/Firefox/Firefox.app/Contents/MacOS/firefox
/Volumes/Firefox/Firefox.app/Contents/MacOS/firefox:
Mach header
magic cputype cpusubtype caps filetype ncmds sizeofcmds flags
MH_MAGIC_64 X86_64 ALL LIB64 EXECUTE 22 2744 NOUNDEFS DYLDLINK TWOLEVEL BINDS_TO_WEAK PIE
```https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/20377Tor Browser crashes when certain prefs are forced via autoconfig.js.2022-01-11T19:32:14ZYawning AngelTor Browser crashes when certain prefs are forced via autoconfig.js.Firefox has a mechanism for overriding preferences, that would be useful for me to set sandboxed Tor Browser specific prefs, without resorting to the kludgy hack that I do now with writing out a `prefs.js` file.
https://developer.mozill...Firefox has a mechanism for overriding preferences, that would be useful for me to set sandboxed Tor Browser specific prefs, without resorting to the kludgy hack that I do now with writing out a `prefs.js` file.
https://developer.mozilla.org/en-US/Firefox/Enterprise_deployment
Tor Browser 6.0.5 appears to crash when `lockPref("extensions.update.enabled", false);` is including in the autoconfig.js file, though other prefs that I have tried appear to work fine.
Minor for me since there are other ways I can do this.https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/20352Integrate sandboxed Tor Browser into our gitian build system2022-01-11T19:32:14ZGeorg KoppenIntegrate sandboxed Tor Browser into our gitian build systemWe should write a descriptor for building the sandbox code inside our Gitian environment.We should write a descriptor for building the sandbox code inside our Gitian environment.