Hello,

The Linux sandbox shipped its first release 0.0.2 to users in December 2016, when Tor Browser 6.5a6 was released (the sandbox code isn't explicitly tied to the alpha, but the deterministic build binaries are currently done as part of the alpha Linux build).

The bulk of my work in December was getting something that was shippable developed, and dealing with the few bugs that slipped past my testing and developing improvements for 0.0.3.

Pending 0.0.3 blockers:

 * #21057 Change the metadata URL(s) for the stable bundle.
 * Tagging it.

Improvements in 0.0.3-dev (unreleased):

 * Fixed the two crash bugs present in 0.0.2 that affected a fraction of the userbase.
 * Switched back to the gosecco library as my seccomp-bpf compiler, removing the build time libseccomp2 dependency.
 * Deprecated 32bit x86 support. The x86 32 bit sandbox isn't as good due to seccomp-bpf limitations among other things (and in general exploit mitigation/hardening options are weaker on that platform), so I made the decision to only support x86_64 for the foreseeable future.
 * Improved the updater robustness, by allowing it to fall back to complete updates in addition to incremental.
 * Implemented a background update check mechanism, with notifications integrated to the user's desktop environment (libnotify is required to see update notifications).
 * Numerous other minor bugfixes/improvements.

Tor Browser bugs that affect the sandbox:

 * #20283 Tor Browser should run without a `/proc` filesystem. I personally think this is the biggest problem with the existing sandbox, as /proc has, quite frankly, an unacceptable amount of information regarding the user and the host system that firefox under no circumstances should be exposed to. Once the bug is fixed, changing the container setup will take all of 5 mins on my end...
 * #21091 Hide the "Check for Tor Browser Update..." menu entry when running under the sandbox. (This has a trivial branch)

Since my tasking is changing this year, development on this from me will likely slow down considerably, but I think I got it to an ok state (apart from the /proc thing, which is beyond my control).

Regards,

-- Yawning Angel
_______________________________________________
tor-reports mailing list
tor-reports@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-reports