Re: [Tails-dev] Issue #9700 (Torbutton preset)

Author: intrigeri
Date:  
To: The Tails public development discussion list
Subject: Re: [Tails-dev] Issue #9700 (Torbutton preset)
Hi,

synthe:
> I finally got round to looking into this matter properly. The inability to use
> dotfiles persistence with the Tor Browser is, quite predictably, an AppArmor issue.
> tor-browser's access to the filesystem is (quite wisely) restricted to a couple of
> essential directories, and thus obviously cannot read from /lib/live... which the
> 'dotfiles' symlinks target.


> Symlinks themselves within profile.default work fine, as long as their target is in
> a location TB is permitted to read from, such as ~/Tor Browser.


> At this point three solutions come to mind:


> 1. A documentation-only approach, allowing a power user to hardcode his desired
> Torbutton setting with a workaround. The dotfiles persistence approach could still
> work, albeit in a rather hacky way, such as automatically running a bash script to
> create ~/.tor-browser/profile.default/prefs.js as the amnesia user logs in.


See my first reply in this thread; I think we're more or less on the
same page here. Initially this could require some manual setup (via
documentation) but we should aim for something that can be fully
configured via the GUI.

> 2. Modifying the TBB's AppArmor profile to allow access to a single additional
> directory:
> /lib/live/mount/persistence/TailsData_unlocked/dotfiles/.tor-browser/profile.default/preferences
> . This would allow a user to use dotfile persistence with the browser. But could it
> introduce a security issue?


Adjusting AppArmor settings if needed is an option.

But beware: we can't persist
~/.tor-browser/profile.default/preferences entirely, otherwise the
user will get frozen settings there, that never get updated when they
upgrade Tails. Dotfiles should avoid this problem if used carefully.

Cheers,
--
intrigeri
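
The symlink behaviour discussed in this thread can be checked with a small audit. This is an added example, not part of the original messages or of Tails: it lists symlinks under a profile directory whose resolved targets fall outside a set of readable path prefixes. The prefixes are supplied by the caller as an assumption (the real list lives in the AppArmor profile), and the names `audit_symlinks` and `demo` and the sample tree are constructed for illustration.

```shell
#!/bin/sh
# Added example (hypothetical helper, not Tails code).
# audit_symlinks DIR PREFIX...
# Prints "DENIED <link> -> <target>" for every symlink under DIR whose fully
# resolved target is not under one of the PREFIX directories.
# Returns 1 if any such link exists, 0 otherwise.
# Assumes file names without embedded newlines.
audit_symlinks() {
    dir=$1; shift
    tmp=$(mktemp) || return 2
    find "$dir" -type l > "$tmp"
    denied=0
    while IFS= read -r link; do
        # Resolve the whole chain: the check applies to the final target.
        target=$(readlink -f -- "$link" 2>/dev/null) || target=
        ok=0
        for prefix in "$@"; do
            p=$(readlink -f -- "$prefix" 2>/dev/null) || p=$prefix
            case "$target" in
                "$p"|"$p"/*) ok=1 ;;
            esac
        done
        if [ "$ok" -eq 0 ]; then
            printf 'DENIED %s -> %s\n' "$link" "${target:-<unresolvable>}"
            denied=1
        fi
    done < "$tmp"
    rm -f "$tmp"
    return "$denied"
}

# Constructed sample tree (not the real Tails layout): one link pointing into
# a permitted directory, one pointing into a stand-in for the persistence mount.
demo() {
    root=$(mktemp -d) || return 2
    mkdir -p "$root/profile.default" "$root/Tor Browser" "$root/persistence/dotfiles"
    : > "$root/Tor Browser/a.js"
    : > "$root/persistence/dotfiles/b.js"
    ln -s "$root/Tor Browser/a.js" "$root/profile.default/allowed.js"
    ln -s "$root/persistence/dotfiles/b.js" "$root/profile.default/blocked.js"
    audit_symlinks "$root/profile.default" "$root/Tor Browser" \
        "$root/profile.default" && rc=0 || rc=$?
    rm -rf "$root"
    return "$rc"
}

demo || echo "some symlink targets are outside the permitted prefixes"
```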