[tbb-bugs] #29630 [Applications/Tor Browser]: TorBrowser creates empty directory in "/tmp"

Tor Bug Tracker & Wiki blackhole at torproject.org
Wed Mar 25 19:21:00 UTC 2020 

#29630: TorBrowser creates empty directory in "/tmp"
----------------------------------------+--------------------------
 Reporter:  AxelF                       |          Owner:  tbb-team
     Type:  defect                      |         Status:  new
 Priority:  Medium                      |      Milestone:
Component:  Applications/Tor Browser    |        Version:
 Severity:  Normal                      |     Resolution:
 Keywords:  tbb-disk-leak,BugSmashFund  |  Actual Points:
Parent ID:                              |         Points:
 Reviewer:                              |        Sponsor:
----------------------------------------+--------------------------

Comment (by mcs):

 Kathy and I spent a little time today on this issue. Two `Temp-GUID`
 directories are created and used by the browser's sandbox, and this issue
 exists on all platforms. See:
 https://gitweb.torproject.org/tor-
 browser.git/tree/toolkit/xre/nsXREDirProvider.cpp?h=tor-
 browser-68.6.0esr-9.5-1-build2#n706

 The base directory comes from https://gitweb.torproject.org/tor-
 browser.git/tree/toolkit/xre/nsXREDirProvider.cpp?h=tor-
 browser-68.6.0esr-9.5-1-build2#n616; on Windows it is
 `NS_WIN_LOW_INTEGRITY_TEMP_BASE` (aka `"LowTmpDBase"`) and on Linux and
 macOS it is `NS_OS_TEMP_DIR` (aka `"TmpD"`).

 It is tempting to change the implementation in
 `xpcom/io/nsDirectoryService.cpp` that handles those two locations to
 return a base directory that is within the Tor Browser data directory.
 Kathy and I are not familiar enough with the sandboxing code and other
 uses of those directories to know what might break if we made such a
 change, but we could try it in and see. Proposed locations:
  macOS: `TorBrowser-Data/Browser/tmp/`
  Windows and Linux: `Browser/TorBrowser/Data/Browser/tmp/`
 Another potential problem is that if the browser leaves any files behind
 in this new tmp directory they will not be cleaned up (unlike the OS temp
 directories, which will get cleaned up eventually). I suppose we could
 delete the contents of the tmp directory early in browser startup.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/29630#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tbb-bugs mailing list