Hi List! I've been working with Erinn to sandbox the TBB much like chrome and ironfox are on osx, but now I think we need some opinions regarding where to go next.
See this page for more information on what the sandbox is enforcing:
https://trac.torproject.org/projects/tor/wiki/projects/TorBrowserBundle/OSX/Security

For those that hate clicking on links:

Issues in need of discussion

* TBB is not allowed to read the user's preferences. This can make the browser look different than other windows (as it will use the default).
* No plugins - maybe we (or the user) want flash etc?
* Should we allow users to add extensions?
* Are we allowing cut & paste?
* Are users allowed to write to disk? Where?
* Only system fonts are allowed (privacy)
* Uploading files is tricky if users are not allowed to read any directory visible in Finder
* Certain operations can trigger NSCF errors, which will be present in the system log. This needs testing.

Also, as we need to maintain two different policies (as the Sandbox has different limitations on 10.5 vs 10.6), there might be some limitations on what we can accomplish on both platforms.

An obvious thing left to be done is to sandbox polipo and tor itself (when they launch from vidalia).

Regards
Andreas

