[tor-bugs] #18371 [Tor Browser]: TorBrowser.app.meek-http-helper symlinks incompatible with Gatekeeper signing
Tor Bug Tracker & Wiki
blackhole at torproject.org
Mon Feb 22 16:52:18 UTC 2016
#18371: TorBrowser.app.meek-http-helper symlinks incompatible with Gatekeeper
signing
-----------------------------+--------------------
Reporter: mcs | Owner: mcs
Type: defect | Status: new
Priority: Medium | Milestone:
Component: Tor Browser | Version:
Severity: Normal | Keywords:
Actual Points: | Parent ID: #13252
Points: | Sponsor:
-----------------------------+--------------------
Experimentation shows that the symlink approach that we currently use to
create a meek-specific "copy" of Tor Browser on Mac OS is not compatible
with Apple's Gatekeeper code signing. Apple's codesign command complains
about an invalid Info.plist because it is checking that the application
binary (firefox) is where the Info.plist says it is and symlinks are
apparently not traversed.
One possible solution is to eliminate the TorBrowser.app.meek-http-helper
linked app bundle and add support to firefox for a command line option
that causes the application to run as a background app. See
https://trac.torproject.org/projects/tor/ticket/11429#comment:8 for more
info.
Perhaps if we make the call to TransformProcessType() very early during
firefox startup the problem that occurred before (dock icon appearing
briefly during startup of the meek browser) will not occur. Another
possibility is to change the Info.plist for Tor Browser so that the dock
icon is hidden by default and then un-hide it when *not* running as the
meek helper browser.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18371>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list