[tbb-bugs] #32505 [Applications/Tor Browser]: Tighten our rules in our entitelements file for macOS
Tor Bug Tracker & Wiki
blackhole at torproject.org
Fri Nov 15 08:36:22 UTC 2019
#32505: Tighten our rules in our entitelements file for macOS
-------------------------------------+-------------------------------------
Reporter: gk | Owner: tbb-team
Type: defect | Status: new
Priority: Medium | Milestone:
Component: Applications/Tor | Version:
Browser | Keywords: tbb-security, tbb-sign,
Severity: Normal | GeorgKoppen201911
Actual Points: | Parent ID: #32504
Points: | Reviewer:
Sponsor: |
-------------------------------------+-------------------------------------
comment:40:ticket:30126 mentions two possible rules we could tighten in
our entitelments file:
com.apple.security.cs.disable-library-validation=false
com.apple.security.automation.apple-events=false
The former seems indeed to be a clear winner but I am not sure about the
latter as we usually don't want to break the expected behavior for users
installing WebExtensions (even if we don't recommend it).
We could think about more rules to be tightened while we are at it.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/32505>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tbb-bugs
mailing list