[tbb-bugs] #20352 [Applications/Tor Browser]: Integrate sandboxed Tor Browser into our gitian build system
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sat Nov 19 21:59:36 UTC 2016
#20352: Integrate sandboxed Tor Browser into our gitian build system
-------------------------------------------------+-------------------------
Reporter: gk | Owner: tbb-
| team
Type: task | Status: new
Priority: High | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Normal | Resolution:
Keywords: tbb-gitian, tbb-sandboxing, | Actual Points:
GeorgKoppen201611, TorBrowserTeam201611 |
Parent ID: #19750 | Points:
Reviewer: | Sponsor:
-------------------------------------------------+-------------------------
Comment (by yawning):
These are the relevant versions of the runtime dependencies I need that
ship with Debian stable, which is probably the oldest set of packages that
are "reasonable" to assume installed.
* libx11-dev (The calls I use have always been there, and always will).
* Gtk+ 3.14 - Build assumes this, see the Makefile.
* libseccomp2 (2.2.1, 2.2.3 in backports).
The libseccomp bindings I use determine the version of the library at
compile time, so if we build against 2.2.1, we will be stuck with the
features supported by it. This degrades the effectiveness of the seccomp
filters I use somewhat because conditional rules do not work correctly
prior to 2.2.2.
(Someone should double check that `sandboxed-tor-browser` built against
ancient libs works even if more modern versions are installed, even if it
isn't as good as it can be.)
As far as building goes, since I use cgo, Go prior to 1.6.x would probably
end badly.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/20352#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tbb-bugs
mailing list