Skip to content

Tighten up the SecurityLevel module to enforce new UX flow

Split from tpo/ux/design#162 (comment 3199182) and tpo/ux/design#162 (comment 3199429).

We should make sure that SecurityLevel.sys.mjs enforces our desired restart requirement by:

  1. Checking at startup that the controlled preferences are already the correct values. Otherwise, prompt a restart.
  2. Listen for changes that occur mid-session and log them. Either prompt for a restart or show the security level as "Custom", depending on the details.
  3. Have a dedicated API for changing the security level just-prior to a restart, to avoid the prompts described above. This would need to be used by android as well. https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/43820
  4. Handle custom security level on android. We kind of assume this is not possible because the hidden config page for android is harder to access. But we can easily address this case. #43819

/cc @morgan @clairehurst @ma1

Edited by henry
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information