Re: [Tails-dev] [review'n'merge 1.2] feature/7725-i2p-browse…

Poista viesti

Vastaa
Lähettäjä: anonym
Päiväys:  
Vastaanottaja: The Tails public development discussion list
Aihe: Re: [Tails-dev] [review'n'merge 1.2] feature/7725-i2p-browser
22/09/14 00:56, Kill Your TV wrote:
> On Sat, 20 Sep 2014 01:23:33 +0000 (UTC)
> anonym <anonym@???> wrote:
>
>> As far as I'm concerned, you may base your work on
>> feature/tor-browser-bundle now.
>
> My work on the I2P browser can now be found at
>
>     git://repo.or.cz/tails/kytv.git  feature/7725-i2p-browser

>
> and it has been rebased on top of the feature/tor-browser-bundle branch.


First of all, great work! It works really good, and works pretty nicely
as-is. I have some doubts about it making it into Tails 1.2, which I
attribute to me being so late with reviewing. I could consider merging
it with if you commit strongly to be available to fix things
post-freeze. What do you think? IMHO you should prioritize getting
feature/7732-i2p-network-manager-hook ready for merge, though.

I have some remarks:

* There has been some updates to the unsafe browser script in
feature/tor-browser-bundle since the commit (e9f3486) you based your
work on, so I suggest you have a look at what changes from the following
you should import:

git diff
e9f3486ec72f1b07cc04021b73e38a0db6e2b0ce..origin/feature/tor-browser-bundle
-- config/chroot_local-includes/usr/local/sbin/unsafe-browser

>From what I can tell, the complete diff is relevant to incorporate into

your script.

* In this branch you can *completely* remove FoxyProxy (even from the
Tor Browser, and not install the package and configure it any more)
since we do not use it for anything any more, and it'd be a nice
complexity reduction.

* The I2P Browser still has the search bar thing, all of which will
broken and probably will cause some user confusion. Can it be removed?

Now for some commit-specific remarks:

> commit 79f87a1b Hide bookmark/history


Interesting. See https://labs.riseup.net/code/issues/7948 . Maybe what
you suggest is actually better, since the start page is the router
console and as a portal it definitely beats a lousy bookmarks folder.
Actually the (unstated) rationale for #7948 was mostly to have the
router console easily available.

> commit 2b0fe4a hide "get addons" in addon-manager


Also interesting. This should be back-ported into the Unsafe Browser
too, imho. Well, the correct thing to do would be to make a shell
library to make task-specific chroot browsers, but that's a post-1.2 goal.

Can it be taken to the next level, i.e. disabling altering the add-ons
completely?

> commit d264cc9 Switch I2P-Browser from Iceweasel to Tor-Browser


Why not installing Torbutton too, and configuring it to use I2P instead?
I imagine the protections it adds also make sense for I2P? If so, this
is a regression (in terms of "security") from the FoxyProxy-way of doing
this.

Also, does AdBlock really make sense in I2P-space? I would imagine not...

>From the same commit:


> +    cp -Pr /etc/tor-browser/profile/extensions/langpack-*.xpi \
> +           ${NOSCRIPT} "${BROWSER_EXT}"

and
> +    rsync -a /etc/tor-browser/profile/adblockplus ${BROWSER_PROFILE}


I suggest using symlinks instead (with source inside the chroot, of
course) to reduce the space-impact (well, RAM-usage since this will be
stored in a tmpfs).

commit 17b070c disable TorBrowser Health Report in I2P-Browser

Also something that'd make sense in the Unsafe Browser too.

Again, great work!

Cheers!