I finally got round to looking into this matter properly. The inability to use dotfiles persistence with the Tor Browser is, quite predictably, an Apparmor issue. tor-browser's access to the filesystem is (quite wisely) restricted to a couple of essential directories, and thus obviously cannot read from /lib/live... which the 'dotfiles' symlinks target.
Symlinks themselves within profile.default work fine, as long as their target is in a location TB is permitted to read from, such as ~/Tor Browser .
At this point three solutions come to mind:
1. A documentation-only approach, allowing a power user to hardcode his desired Torbutton setting with a workaround. The dotfiles persistence approach could still work, albeit in a rather hacky way, such as automatically running a bash script to create ~/.tor-browser/profile.default/prefs.js as the amnesia user logs in.
2. Modifying the TBB's Apparmor profile to allow access to a single additional directory: /lib/live/mount/persistence/TailsData_unlocked/dotfiles/.tor-browser/profile.default/preferences . This would allow a user to use dotfile persistence with the browser. But could it introduce a security issue?
3. Adding a prefs.js to the squashfs build, thus changing Tails' default Torbutton setting at boot from Low to High. This was briefly discussed (in a roundabout way) back in 2015 (Redmine, topic #10481), but a few key developers were not a fan of the concept at the time.
Founders, developers,contributors... let me know what you think :)
