[tor-bugs] #33939 [Applications/Tor Browser]: Decide which components of Fenix to rip out, disable, or use
Tor Bug Tracker & Wiki
blackhole at torproject.org
Fri May 29 14:37:56 UTC 2020
#33939: Decide which components of Fenix to rip out, disable, or use
----------------------------------------------+----------------------------
Reporter: gk | Owner: tbb-team
Type: task | Status: new
Priority: High | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Normal | Resolution:
Keywords: tbb-mobile, TorBrowserTeam202004 | Actual Points:
Parent ID: #33184 | Points:
Reviewer: | Sponsor:
| Sponsor58-must
----------------------------------------------+----------------------------
Comment (by gk):
Replying to [comment:8 gk]:
> Replying to [comment:6 sysrqb]:
> > Replying to [comment:5 gk]:
> > > Thanks, that's a good start. Two thoughts while skimming the list (I
> > > did not look carefully yet)
> > >
> > > 1) At least the progressive web apps (PWA) part should probably be
> > > in the Must Audit section. We even have a ticket for that already:
> > > #25845 :)
> >
> > That's probably a smart thing, yes. PWA is only available in
> > non-private browsing mode in Fennec, but we should audit it in Fenix.
> > Indeed, PWA is available in private browsing mode in Fenix...
> >
> > >
> > > 2) I was wondering how the dependencies those dependencies have
> > > would influence where we put them category-wise. So, starting with
> > > one layer seems good to me but I feel we might need to dig deeper to
> > > have a final assessment. One of the things I am already wary of is
> > > getting all the application-services parts roped in "for free". Not
> > > all components are probably needing that (I've not checked) but I
> > > bet some would move into the Must Audit part alone due to that. And
> > > there's probably other stuff that is bubbling in this morass, under
> > > the quiet surface... :)
> >
> > Ideally, we should audit everything, but I don't think that is
> > realistic. We should quickly look at all components in the `Include`
> > category and confirm they do not make any network calls or expose
> > personal/device information. I placed them in this category purely
> > based on my assumption of how these components are implemented.
>
> Just to be clear: I was _not_ saying we need to audit everything (yes,
> ideally we would), just that it might be worth looking in particular at
> the Mozilla dependencies of those dependencies to figure out whether
> things should be re-categorized so that we have a closer second look on
> components that really need it (even if the dependency check you did or
> the assumptions you had indicated otherwise).
To give a practical example for that: if you look at Fenix you see that
it's building code that should do something useful in case crashes are
happening. Now, that depends on `android-components`' `lib-crash`.
However, if you look at the `build.gradle` file for that one you see:
{{{
compileOnly Gecko.geckoview_nightly
}}}
But we won't be basing Fenix on `geckoview_nightly` anytime soon. Thus,
it's reasonable to move this component out of the "Must Audit" to
something like "Disable" for the current purposes just by looking at the
second level dependencies and save time for auditing other stuff. But
that's obviously not a one way direction. :)
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/33939#comment:9>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
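As an added example (not code from the ticket, Fenix or android-components), a small Python triage helper for the second-level dependency check gk describes above: it parses constructed `build.gradle` fragments (hypothetical content, not the real files), follows declared dependencies transitively, and reports whether a flagged artifact such as `geckoview_nightly` is reached only through a `compileOnly` edge, which is the signal used to move `lib-crash` out of "Must Audit".

```python
import re
from collections import deque

# Constructed build.gradle fragments, one per component. These are illustrative
# and are NOT the real files from Fenix or android-components.
SAMPLE_GRADLE = {
    "fenix": """
        implementation project(':lib-crash')
        implementation project(':browser-engine-gecko-beta')
    """,
    "lib-crash": """
        implementation Deps.kotlin_stdlib
        compileOnly Gecko.geckoview_nightly
    """,
    "browser-engine-gecko-beta": """
        implementation Gecko.geckoview_beta
    """,
}

# Matches lines such as "implementation project(':lib-crash')" or
# "compileOnly Gecko.geckoview_nightly" (one declaration per line).
DEP_RE = re.compile(
    r"^\s*(implementation|api|compileOnly)\s+"
    r"(?:project\('(:[^']+)'\)|([\w.]+))", re.M)

def parse_deps(gradle_text):
    """Return [(scope, name)] for every dependency declared in one fragment."""
    return [(scope, proj.lstrip(":") if proj else lib)
            for scope, proj, lib in DEP_RE.findall(gradle_text)]

def transitive_reach(root, sources):
    """Map each dependency reachable from root to the effective scopes of the
    paths leading to it. A compileOnly edge anywhere on a path makes the whole
    path 'compileOnly': that artifact is needed to compile but is not packaged."""
    graph = {name: parse_deps(text) for name, text in sources.items()}
    reach, seen, queue = {}, set(), deque([(root, "runtime")])
    while queue:
        node, path_scope = queue.popleft()
        for scope, dep in graph.get(node, []):
            eff = "compileOnly" if "compileOnly" in (scope, path_scope) else "runtime"
            reach.setdefault(dep, set()).add(eff)
            if (dep, eff) not in seen:       # revisit only if scope differs
                seen.add((dep, eff))
                queue.append((dep, eff))
    return reach

def triage(root, sources, flagged):
    """For each flagged artifact, list how root reaches it ([] if it does not)."""
    reach = transitive_reach(root, sources)
    return {f: sorted(reach.get(f, [])) for f in flagged}
```

A flagged artifact reported only as `compileOnly` (like `geckoview_nightly` via `lib-crash`) is a candidate for "Disable"; one reached at `runtime` keeps its place in the audit queue.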