On Sat, Oct 20, 2012 at 10:01:24AM +0200, intrigeri wrote:
> Ague Mill wrote (18 Oct 2012 19:36:53 GMT) :
> > Probably this can be turned in a chroot local-hook, but I won't
> > waste the effort if others feels that's too much of hack.
>
> Wow. I've had a look.
> Yes, I feel it's too much of a hack, but that's a mere feeling.
>
> E.g. I don't like the fact this couples components shipped by Debian's
> iceweasel (such as language packs) with components shipped by TBB
> (such as the torbrowser binary). I'm not comfortable with adding (at
> the binary level) to the inter-dependency mix we're in, and that is
> hitting us right now.
Just to make it clear: this was proposed as a very temporary solution so
we can actually release 0.14 without compromising users anonymity too
much. This hack is hideous enough that it really can't stay there.
Before we decide to completely rule this out, I would really like
someone with enough energy and processing power to confirm that the last
Iceweasel package + TorBrowser patches + Torbutton will produce a
working browser.
> Also, I guess this hack would require at least some more hours of work
> to be in a releasable state.
Given that the resulting browser works fine, I don't think it would
require more time than building a custom Iceweasel and setting up a
temporary repository. Sure, this is a waste of work for even mid-term,
but that's a tunnel with an end already in view.
This Firefox "point-release" is putting us in a really bad situation.
Between two release candidates is not the ideal time to find the best
solution for our browser issues.
Anyway, given we are not able to release a working Tails 0.14 with
security fixes right now, we could also simply forget the schedule and
instead of rushing dirty solutions, delay 0.14 until we have both neat
Iceweasel packages and definitive APT repositories.
--
Ague