[tbb-bugs] #14795 [Tor Browser]: Windows Environmental Variables not usable in Profiles.ini when deploying tor browser across a domain

Tor Bug Tracker & Wiki blackhole at torproject.org
Sat Feb 7 18:39:59 UTC 2015 

#14795: Windows Environmental Variables not usable in Profiles.ini when deploying
tor browser across a domain
-------------------------------------------------+-------------------------
 Reporter:  johnakabean                          |          Owner:  tbb-
     Type:  defect                               |  team
 Priority:  blocker                              |         Status:  new
Component:  Tor Browser                          |      Milestone:
 Keywords:  windows, variables, windows          |        Version:
  environment, windows environmental variables,  |  Actual Points:
  windows variables                              |         Points:
Parent ID:                                       |
-------------------------------------------------+-------------------------
 We run a domain and tor.exe as nt services on the DC's. We are trying to
 deploy torbrowser, by request of users, for its privacy features. I setup
 a default profile to deploy to the user's roaming profiles and
 torbrowser's profiles.ini ( in %ProgramFiles(X86)% ) is set to look for
 them in "Path=%Appdata%\TB\Profile" (Profiles.ini config). However,
 torbrowser refuses to litigate environmental variables of the domain (
 %variable%).

 For security, our users cannot run .exe's on the domain that are not
 installed in either of the Program Files locations or the windows
 directory; we must deploy it this way, which is also the corrrect way, per
 MCSE and RFC's.

 Firefox has no problem doing this, which we have had deployed the same for
 years. I am even giving current users an option to COPY their firefox
 profile as their torbrowser profile instead of copying from the Domain's
 Skeleton where I have put a default torbrowser profile.

 Of course, since we have tor running on port 1080 of the DC's and have
 configured load balancing and the default profile to use it, I removed tor
 launcher from tor browser; It's just the browser that they're running as
 their username. It would be unwise and ridiculous to have 10,000 tor.exe's
 running, one for each logged in user.

 I even setup the tor's to utilize our ipv6 native network, which the
 clients running tor.exe wouldn't be able to do if we allowed tor.exe to
 run on the workstations.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/14795>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tbb-bugs mailing list