TorBrowser creates temp files in Linux /tmp & Windows %temp% and OSX(various places) during the file downloads dialog & when using internal browser video player
- Open a webpage with downloadable links (http://arxiv.org/abs/1207.5216 for example).
- Select file to download (pdf for example: http://arxiv.org/pdf/1207.5216v2).
- See the dialog:
External application is needed to handle
with two buttons:launch
andcancel
. - Only launch is available to start download. Select it.
- Second dialog asks to open with
/usr/bin/xpdf (default)
orSave
. - Don't press
Save
immediately. See in a terminal random name of file, sometimes with a part of contents: {{{ ls -la /tmp $ file /tmp/oeXvw4D+.pdf.part /tmp/oeXvw4D+.pdf.part: PDF document, version 1.5 }}} Tbb ignoredtor-browser_en-US/tmp
and use system /tmp - After pressing
Save
file removed from /tmp.
This behaviour potentially affects users local anonimity with unencrypted and non-attached to memory system /tmp dirs; and affects users with portable TorBrowser versions. Partially downloaded files will saved in /tmp in the cases of TBB crushes or not completely erased. Will be preferably to isolate TorBrowser activity in user local catalogs only.
Trac:
Username: unknown