[tor-commits] [Git][tpo/applications/mullvad-browser][mullvad-browser-115.6.0esr-13.5-1] 2 commits: fixup! Base Browser's .mozconfigs.
Pier Angelo Vendrame pushed to branch mullvad-browser-115.6.0esr-13.5-1 at The Tor Project / Applications / Mullvad Browser Commits: 90eff981 by Pier Angelo Vendrame at 2023-12-19T19:24:10+01:00 fixup! Base Browsers .mozconfigs. Bug 42337: Enable GeckoDriver for all desktop platforms - - - - - 693ca54f by Pier Angelo Vendrame at 2023-12-19T19:24:27+01:00 fixup! Base Browsers .mozconfigs. Bug 42146: Use LLD on Linux. This should allow us to restore debug symbols on Linux i686. - - - - - 4 changed files: - browser/config/mozconfigs/base-browser - mozconfig-linux-i686 - mozconfig-linux-x86_64 - mozconfig-linux-x86_64-dev Changes: = browser/config/mozconfigs/base-browser = @@ -44,3 +44,6 @@ ac_add_options --disable-legacy-profile-creation if test -z "$WASI_SYSROOT"; then ac_add_options --without-wasm-sandboxed-libraries fi + +# tor-browser#42337 +ac_add_options --enable-geckodriver = mozconfig-linux-i686 = @@ -2,8 +2,11 @@ ac_add_options --target=i686-linux-gnu -ac_add_options --enable-default-toolkit=cairo-gtk3 +# Moz switched to lld for all Linux targets in Bug 1839739. +# Also, gold used not to work with debug symbols (tor-browser#42146). +ac_add_options --enable-linker=lld + +ac_add_options --disable-strip +ac_add_options --disable-install-strip -# Bug 31448: ld.gold fails if we don't disable debug-symbols. -# Also, we keep strip enabled. -ac_add_options --disable-debug-symbols +ac_add_options --enable-default-toolkit=cairo-gtk3 = mozconfig-linux-x86_64 = @@ -1,9 +1,9 @@ . $topsrcdir/browser/config/mozconfigs/mullvad-browser -ac_add_options --enable-default-toolkit=cairo-gtk3 +# Moz switched to lld for all Linux targets in Bug 1839739. +ac_add_options --enable-linker=lld ac_add_options --disable-strip ac_add_options --disable-install-strip -# We want to bundle an own geckodriver, so we can use it for QA and other work -ac_add_options --enable-geckodriver +ac_add_options --enable-default-toolkit=cairo-gtk3 = mozconfig-linux-x86_64-dev = @@ -4,6 +4,9 @@ # It is only intended to be used when doing incremental Linux builds # during development. +# Moz switched to lld for all Linux targets in Bug 1839739. +ac_add_options --enable-linker=lld + export MOZILLA_OFFICIAL= ac_add_options --with-branding=browser/branding/mb-nightly View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/248ae1fbb299f03546a515d967826822b1cc35ac...693ca54f6d6db623c6f61b666560b3146941a7b2 -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/248ae1fbb299f03546a515d967826822b1cc35ac...693ca54f6d6db623c6f61b666560b3146941a7b2 You're receiving this email because of your account on gitlab.torproject.org. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [Git][tpo/applications/tor-browser][tor-browser-115.6.0esr-13.5-1] 2 commits: fixup! Base Browser's .mozconfigs.
Pier Angelo Vendrame pushed to branch tor-browser-115.6.0esr-13.5-1 at The Tor Project / Applications / Tor Browser Commits: 06650bd2 by Pier Angelo Vendrame at 2023-12-19T19:03:00+01:00 fixup! Base Browsers .mozconfigs. Bug 42337: Enable GeckoDriver for all desktop platforms - - - - - d481630a by Pier Angelo Vendrame at 2023-12-19T19:03:01+01:00 fixup! Base Browsers .mozconfigs. Bug 42146: Use LLD on Linux. This should allow us to restore debug symbols on Linux i686. - - - - - 4 changed files: - browser/config/mozconfigs/base-browser - mozconfig-linux-i686 - mozconfig-linux-x86_64 - mozconfig-linux-x86_64-dev Changes: = browser/config/mozconfigs/base-browser = @@ -46,3 +46,6 @@ ac_add_options --disable-legacy-profile-creation if test -z "$WASI_SYSROOT"; then ac_add_options --without-wasm-sandboxed-libraries fi + +# tor-browser#42337 +ac_add_options --enable-geckodriver = mozconfig-linux-i686 = @@ -2,8 +2,11 @@ ac_add_options --target=i686-linux-gnu -ac_add_options --enable-default-toolkit=cairo-gtk3 +# Moz switched to lld for all Linux targets in Bug 1839739. +# Also, gold used not to work with debug symbols (tor-browser#42146). +ac_add_options --enable-linker=lld + +ac_add_options --disable-strip +ac_add_options --disable-install-strip -# Bug 31448: ld.gold fails if we don't disable debug-symbols. -# Also, we keep strip enabled. -ac_add_options --disable-debug-symbols +ac_add_options --enable-default-toolkit=cairo-gtk3 = mozconfig-linux-x86_64 = @@ -1,9 +1,9 @@ . $topsrcdir/browser/config/mozconfigs/tor-browser -ac_add_options --enable-default-toolkit=cairo-gtk3 +# Moz switched to lld for all Linux targets in Bug 1839739. +ac_add_options --enable-linker=lld ac_add_options --disable-strip ac_add_options --disable-install-strip -# We want to bundle an own geckodriver, so we can use it for QA and other work -ac_add_options --enable-geckodriver +ac_add_options --enable-default-toolkit=cairo-gtk3 = mozconfig-linux-x86_64-dev = @@ -4,6 +4,9 @@ # It is only intended to be used when doing incremental Linux builds # during development. +# Moz switched to lld for all Linux targets in Bug 1839739. +ac_add_options --enable-linker=lld + export MOZILLA_OFFICIAL= export MOZ_APP_REMOTINGNAME="Tor Browser Dev" ac_add_options --with-branding=browser/branding/tb-nightly View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/3a748654f9af7e6458e21a701e53246854c698e1...d481630a1ff1a7f4005fd815756a45ea63194f55 -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/3a748654f9af7e6458e21a701e53246854c698e1...d481630a1ff1a7f4005fd815756a45ea63194f55 You're receiving this email because of your account on gitlab.torproject.org. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [Git][tpo/applications/tor-browser-build] Pushed new tag mb-13.5a3-build1
richard pushed new tag mb-13.5a3-build1 at The Tor Project / Applications / tor-browser-build -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/tree/mb-13.5a3-build1 You're receiving this email because of your account on gitlab.torproject.org. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [Git][tpo/applications/tor-browser-build][maint-13.0] Bug 41050: Improve disk leak sanitization on startup.
ma1 pushed to branch maint-13.0 at The Tor Project / Applications /
tor-browser-build
Commits:
8ebeb4d1 by hackademix at 2023-12-19T17:15:07+01:00
Bug 41050: Improve disk leak sanitization on startup.
- - - - -
1 changed file:
- projects/browser/RelativeLink/start-browser
Changes:
=
projects/browser/RelativeLink/start-browser
=
@@ -258,18 +258,32 @@ HOME="${PWD}"
export HOME
# Prevent disk leaks in $HOME/.local/share (tor-browser#17560)
+function erase_leaky() {
+ local leaky="$1"
+ [ -e "$leaky" ] &&
+ ( srm -r "$leaky" ||
+ wipe -r "$leaky" ||
+ find "$leaky" -type f -exec shred -u {} \; ;
+ rm -rf "$leaky"
+ ) > /dev/null 2>&1
+}
local_dir="$HOME/.local/"
share_dir="$local_dir/share"
-if [ -d "$share_dir" ]; then
-( srm -r "$share_dir" ||
- wipe -r "$share_dir" ||
- find "$share_dir" -type f -exec shred -u {} \; ;
- rm -rf "$share_dir"
-) > /dev/null 2>&1
-else
-mkdir -p "$local_dir"
+# We don't want to mess with symlinks, possibly pointing outside the
+# Browser directory (tor-browser-build#41050).
+# We're not using realpath/readlink for consistency with the (possibly
+# outdated) availability assumptions made elsewhere in this script.
+if ! [ -L "$local_dir" -o -L "$share_dir" ]; then
+ if [ -d "$share_dir" ]; then
+ for leaky_path in "gvfs-metadata" "recently-used.xbel"; do
+ erase_leaky "$share_dir/$leaky_path"
+ done
+ else
+ mkdir -p "$local_dir"
+ fi
+ ln -fs /dev/null "$share_dir"
fi
-ln -fs /dev/null "$share_dir"
+[ -L "$HOME/.cache" ] || erase_leaky "$HOME/.cache/nvidia"
[% IF c("var/tor-browser") -%]
SYSARCHITECTURE=$(getconf LONG_BIT)
View it on GitLab:
https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/8ebeb4d1651dfbd73d96df293e115835ccf7de83
--
View it on GitLab:
https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/8ebeb4d1651dfbd73d96df293e115835ccf7de83
You're receiving this email because of your account on gitlab.torproject.org.
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [Git][tpo/applications/mullvad-browser] Pushed new tag mullvad-browser-115.6.0esr-13.5-1-build2
richard pushed new tag mullvad-browser-115.6.0esr-13.5-1-build2 at The Tor Project / Applications / Mullvad Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/tree/mullvad-browser-115.6.0esr-13.5-1-build2 You're receiving this email because of your account on gitlab.torproject.org. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [Git][tpo/applications/tor-browser-build][main] Bug 41041: Sign mullvad-browser nightly updates
boklm pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: fd32e065 by Nicolas Vigier at 2023-12-19T14:01:33+01:00 Bug 41041: Sign mullvad-browser nightly updates - - - - - 1 changed file: - tools/signing/nightly/config.yml Changes: = tools/signing/nightly/config.yml = @@ -13,16 +13,14 @@ torbrowser: nss_db_dir: nssdb appname_marfile: tor-browser appname_bundle: tor-browser -basebrowser: +mullvadbrowser: publish_dirs: -- basebrowser-nightly-linux-x86_64 -- basebrowser-nightly-linux-i686 -- basebrowser-nightly-windows-x86_64 -- basebrowser-nightly-windows-i686 -- basebrowser-nightly-macos - nss_db_dir: nssdb-basebrowser-1 - appname_marfile: base-browser - appname_bundle: base-browser +- mullvadbrowser-nightly-linux-x86_64 +- mullvadbrowser-nightly-windows-x86_64 +- mullvadbrowser-nightly-macos + nss_db_dir: nssdb-mullvadbrowser-1 + appname_marfile: mullvad-browser + appname_bundle: mullvad-browser nss_certname: nightly-marsigner gpg_keyring: keyring/torbrowser-nightly.gpg rsync_dest: /srv/tbb-nightlies-master.torproject.org/htdocs/nightly-updates/ View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/fd32e065f27a2ad609eef7e38b7c11f2188271bd -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/fd32e065f27a2ad609eef7e38b7c11f2188271bd You're receiving this email because of your account on gitlab.torproject.org. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [Git][tpo/applications/tor-browser-build][maint-13.0] Bug 41044: Add version.json file to Mullvad Browser
richard pushed to branch maint-13.0 at The Tor Project / Applications /
tor-browser-build
Commits:
f958a200 by Nicolas Vigier at 2023-12-19T12:01:40+00:00
Bug 41044: Add version.json file to Mullvad Browser
Add a file to make it easier to detect the version of Mullvad Browser
installed, like the tbb_version.json file we have in Tor Browser.
- - - - -
2 changed files:
- projects/browser/build
- projects/browser/config
Changes:
=
projects/browser/build
=
@@ -302,10 +302,9 @@ do
[% c("touch") %] defaults/preferences/[% c("var/prefs_file") %]
zip -Xm omni.ja defaults/preferences/[% c("var/prefs_file") %]
rm -rf defaults
- [% IF c("var/tor-browser") %]
-# create tbb_version.json file for tor-browser#25020
-echo '{"version":"[% c("var/torbrowser_version") %]","architecture":"[%
c("var/mar_osname") %]","channel":"[% c("var/channel") %]","locale":"en-US"}' >
../tbb_version.json
- [% END -%]
+ # create tbb_version.json (torbrowser) or version.json (mullvadbrowser)
+ # file for tor-browser#25020 and tor-browser-build#41044
+ echo '{"version":"[% c("var/torbrowser_version") %]","architecture":"[%
c("var/mar_osname") %]","channel":"[% c("var/channel") %]","locale":"en-US"}' >
../[% c("var/version_json") %]
popd
done
=
projects/browser/config
=
@@ -13,6 +13,7 @@ var:
- bzip2
- jq
mar_osname: '[% c("var/osname") %]'
+ version_json: version.json
targets:
linux:
@@ -49,6 +50,7 @@ targets:
torbrowser:
var:
prefs_file: 000-tor-browser.js
+ version_json: tbb_version.json
basebrowser:
var:
prefs_file: 001-base-profile.js
View it on GitLab:
https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/f958a20063525401a051af69044c745b579c362b
--
View it on GitLab:
https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/f958a20063525401a051af69044c745b579c362b
You're receiving this email because of your account on gitlab.torproject.org.
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [Git][tpo/applications/tor-browser-build][maint-13.0] Bug 41043: Create script to push build requests to Mullvad build servers
richard pushed to branch maint-13.0 at The Tor Project / Applications /
tor-browser-build
Commits:
10fe31fe by Richard Pospesel at 2023-12-19T12:00:13+00:00
Bug 41043: Create script to push build requests to Mullvad build servers
- - - - -
4 changed files:
- Makefile
- projects/release/config
- + projects/release/kick_devmole_build
- rbm.local.conf.example
Changes:
=
Makefile
=
@@ -679,6 +679,10 @@ torbrowser-signtag-release: submodule-update
torbrowser-signtag-alpha: submodule-update
$(rbm) build release --step signtag --target alpha --target torbrowser
+# requires var/devmole_auth_token to be set in rbm.local.conf
+torbrowser-kick-devmole-build: submodule-update
+ $(rbm) build release --step kick_devmole_build --target torbrowser
+
# requires tpo_user variable be set in rbm.local.conf
mullvadbrowser-upload-sha256sums-release: submodule-update
$(rbm) build release --step upload_sha256sums --target release --target
mullvadbrowser
@@ -693,6 +697,10 @@ mullvadbrowser-signtag-release: submodule-update
mullvadbrowser-signtag-alpha: submodule-update
$(rbm) build release --step signtag --target alpha --target
mullvadbrowser
+# requires var/devmole_auth_token to be set in rbm.local.conf
+mullvadbrowser-kick-devmole-build: submodule-update
+ $(rbm) build release --step kick_devmole_build --target mullvadbrowser
+
fetch: submodule-update
$(rbm) fetch
=
projects/release/config
=
@@ -279,3 +279,8 @@ steps:
name: mar-tools
pkg_type: fetch_martools
compare_mar_signed_unsigned: '[% INCLUDE compare_mar_signed_unsigned %]'
+ kick_devmole_build:
+build_log: '-'
+debug: 0
+input_files: []
+kick_devmole_build: '[% INCLUDE kick_devmole_build %]'
=
projects/release/kick_devmole_build
=
@@ -0,0 +1,42 @@
+#!/usr/bin/bash
+
+# This script triggers a build of Tor or Mullvad Browser on Mullvad
Infrastructure
+# Hashes are saved here: https://cdn.stagemole.eu/hashes/
+# A Mullvad build server auth token (var/devmole_auth_token) is required to
build
+# For now you have to be connecting from Sweden (ie via Malmö or Gothenburg
exits using MullvadVPN) for your request to succeed
+
+set -e
+
+# get our build tag
+TAG=[% c("var/git_tag_prefix") %]-[% c("var/torbrowser_version") %]-[%
c("var/torbrowser_build") %]
+
+# check for tag existence
+if ! git rev-parse ${TAG} > /dev/null 2>&1; then
+echo "Error: build tag '${TAG}' does not exist"
+exit 1
+fi
+
+# determine whether alpha or release based on the build tag
+RELEASE=
+if [[ "${TAG}" =~ ^(mb|tbb)-[1-9][0-9]\.[05]a[1-9][0-9]*-build[1-9]$ ]]; then
+RELEASE="alpha"
+elif [[ "${TAG}" =~ ^(mb|tbb)-[1-9][0-9]\.[05](\.[1-9][0-9]*)?-build[1-9]$ ]];
then
+RELEASE="release"
+else
+echo "Error: malformed build tag '${TAG}'"
+exit 1
+fi
+
+# get auth token for submission to devmole build server
+AUTH_TOKEN=[% c("buildconf/devmole_auth_token") %]
+if [[ "${AUTH_TOKEN}" = "" ]]; then
+echo "AUTH_TOKEN: ${AUTH_TOKEN}"
+echo "Error: buildconf/devmole_auth_token missing from rbm.local.conf"
+exit 1
+fi
+
+# make request
+curl -X POST
"https://drone-server.devmole.eu/api/repos/mullvad/browser-build/builds?branch=main=${TAG}=${RELEASE};
-H "Authorization: Bearer ${AUTH_TOKEN}" -H "Accept: application/json"
+
+echo
+echo Hashes will appear here: https://cdn.stagemole.eu/hashes/[%
c("var/projectname") %]/[% c("var/torbrowser_version") %]-[%
c("var/torbrowser_build") %]
=
rbm.local.conf.example
=
@@ -42,6 +42,11 @@ buildconf:
### signing the tag.
#git_signtag_opt: '-u keyid'
+ ### The buildconf/devmole_auth_token option is used for starting remote
builds on
+ ### Mullvad's devmole server using the kick_devmole_build step in the release
+ ### project. Such a token can be acquired from the Mullvad sysadmins.
+ #devmole_auth_token: abcdefghijklmnopqrstuvwxyz012345
+
var:
local_conf: 1
View it on GitLab:
https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/10fe31feb7efd4dd7a68364d4cb43cf54e9444a8
--
View it on GitLab:
https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/10fe31feb7efd4dd7a68364d4cb43cf54e9444a8
You're receiving this email because of your account on gitlab.torproject.org.
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [Git][tpo/applications/mullvad-browser][mullvad-browser-115.6.0esr-13.5-1] squash! MB 79: Add Mullvad Browser MAR signing keys
richard pushed to branch mullvad-browser-115.6.0esr-13.5-1 at The Tor Project / Applications / Mullvad Browser Commits: 248ae1fb by Nicolas Vigier at 2023-12-19T11:11:15+00:00 squash! MB 79: Add Mullvad Browser MAR signing keys MB 256: Add mullvad-browser nightly mar signing key - - - - - 2 changed files: - toolkit/mozapps/update/updater/nightly_aurora_level3_primary.der - toolkit/mozapps/update/updater/nightly_aurora_level3_secondary.der Changes: = toolkit/mozapps/update/updater/nightly_aurora_level3_primary.der = Binary files a/toolkit/mozapps/update/updater/nightly_aurora_level3_primary.der and b/toolkit/mozapps/update/updater/nightly_aurora_level3_primary.der differ = toolkit/mozapps/update/updater/nightly_aurora_level3_secondary.der = Binary files a/toolkit/mozapps/update/updater/nightly_aurora_level3_secondary.der and b/toolkit/mozapps/update/updater/nightly_aurora_level3_secondary.der differ View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/248ae1fbb299f03546a515d967826822b1cc35ac -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/248ae1fbb299f03546a515d967826822b1cc35ac You're receiving this email because of your account on gitlab.torproject.org. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [Git][tpo/applications/mullvad-browser] Pushed new tag mullvad-browser-115.6.0esr-13.5-1-build1
richard pushed new tag mullvad-browser-115.6.0esr-13.5-1-build1 at The Tor Project / Applications / Mullvad Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/tree/mullvad-browser-115.6.0esr-13.5-1-build1 You're receiving this email because of your account on gitlab.torproject.org. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [Git][tpo/applications/tor-browser-build][main] Bump wasm-bindgen version to 11f80c3b
richard pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: 104533c0 by Cecylia Bocovich at 2023-12-19T09:52:20+00:00 Bump wasm-bindgen version to 11f80c3b - - - - - 1 changed file: - projects/wasm-bindgen/config Changes: = projects/wasm-bindgen/config = @@ -1,7 +1,7 @@ # vim: filetype=yaml sw=2 version: 0.2.86 git_url: https://github.com/cohosh/wasm-bindgen -git_hash: ecc5ca153cda278bfcebc99c157fb4732eb75e6e +git_hash: 11f80c3bb0de061fd3969157fa2157a73c74b934 container: use_container: 1 @@ -16,4 +16,4 @@ steps: project: wasm-bindgen pkg_type: cargo_vendor norec: - sha256sum: 926e938cc4eebf2f5c99f34170fddc5aa7b12445fb379d768eb51aaae3b305a3 + sha256sum: e811e92e85b16520dbfe746efc21912308fb7be8815f348ae0b2daafa0cec90d View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/104533c0e9eb3d56ddd5d537c43a354e3cd59dfe -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/104533c0e9eb3d56ddd5d537c43a354e3cd59dfe You're receiving this email because of your account on gitlab.torproject.org. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [Git][tpo/applications/tor-browser-build][main] Bug 41050: Improve disk leak sanitization on startup.
ma1 pushed to branch main at The Tor Project / Applications / tor-browser-build
Commits:
5a97ba07 by hackademix at 2023-12-19T10:22:07+01:00
Bug 41050: Improve disk leak sanitization on startup.
- - - - -
1 changed file:
- projects/browser/RelativeLink/start-browser
Changes:
=
projects/browser/RelativeLink/start-browser
=
@@ -258,18 +258,32 @@ HOME="${PWD}"
export HOME
# Prevent disk leaks in $HOME/.local/share (tor-browser#17560)
+function erase_leaky() {
+ local leaky="$1"
+ [ -e "$leaky" ] &&
+ ( srm -r "$leaky" ||
+ wipe -r "$leaky" ||
+ find "$leaky" -type f -exec shred -u {} \; ;
+ rm -rf "$leaky"
+ ) > /dev/null 2>&1
+}
local_dir="$HOME/.local/"
share_dir="$local_dir/share"
-if [ -d "$share_dir" ]; then
-( srm -r "$share_dir" ||
- wipe -r "$share_dir" ||
- find "$share_dir" -type f -exec shred -u {} \; ;
- rm -rf "$share_dir"
-) > /dev/null 2>&1
-else
-mkdir -p "$local_dir"
+# We don't want to mess with symlinks, possibly pointing outside the
+# Browser directory (tor-browser-build#41050).
+# We're not using realpath/readlink for consistency with the (possibly
+# outdated) availability assumptions made elsewhere in this script.
+if ! [ -L "$local_dir" -o -L "$share_dir" ]; then
+ if [ -d "$share_dir" ]; then
+ for leaky_path in "gvfs-metadata" "recently-used.xbel"; do
+ erase_leaky "$share_dir/$leaky_path"
+ done
+ else
+ mkdir -p "$local_dir"
+ fi
+ ln -fs /dev/null "$share_dir"
fi
-ln -fs /dev/null "$share_dir"
+[ -L "$HOME/.cache" ] || erase_leaky "$HOME/.cache/nvidia"
[% IF c("var/tor-browser") -%]
SYSARCHITECTURE=$(getconf LONG_BIT)
View it on GitLab:
https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/5a97ba07148a176580dd536a65dc7ebba6565775
--
View it on GitLab:
https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/5a97ba07148a176580dd536a65dc7ebba6565775
You're receiving this email because of your account on gitlab.torproject.org.
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
