tor-browser 2.57 KB
Newer Older
1 2
#!/bin/sh

3 4 5 6 7 8
# AppArmor Ux rules don't sanitize $PATH, which can lead to an
# exploited application (that's allowed to run this script unconfined)
# having this script run arbitrary code, violating that application's
# confinement. Let's prevent that by setting PATH to a list of
# directories where only root can write.
export PATH='/usr/local/bin:/usr/bin:/bin'
9 10

set -e
11
set -u
12 13 14 15 16 17 18

. gettext.sh
TEXTDOMAIN="tails"
export TEXTDOMAIN

PROFILE="${HOME}/.tor-browser/profile.default"

19
# Import exec_firefox() and configure_best_tor_browser_locale()
20 21
. /usr/local/lib/tails-shell-library/tor-browser.sh

anonym's avatar
anonym committed
22 23 24
# Get LIVE_USERNAME
. /etc/live/config.d/username.conf

segfault's avatar
segfault committed
25 26 27
# Import tor_has_bootstrapped()
. /usr/local/lib/tails-shell-library/systemd.sh

28 29 30 31
# Allow Torbutton access to the control port filter (for new identity).
# Setting a password is required, otherwise Torbutton attempts to
# read the authentication cookie file instead, which fails.
export TOR_CONTROL_HOST='127.0.0.1'
32
export TOR_CONTROL_PORT='9051'
33 34 35 36 37 38 39
export TOR_CONTROL_PASSWD='passwd'
# Hide Torbutton's "Tor Network Settings..." context menu entry since
# it doesn't work in Tails, and we deal with those configurations
# strictly through Tor Launcher.
export TOR_NO_DISPLAY_NETWORK_SETTINGS='yes'


40
ask_for_confirmation() {
41
    if [ "${TOR_BROWSER_SKIP_OFFLINE_WARNING:-}" = 'yes' ] || \
42
       pgrep -u "${LIVE_USERNAME}" -f "${TBB_INSTALL}/firefox.real"; then
43 44 45
        return
    fi

46 47 48 49
    local dialog_title="`gettext \"Tor is not ready\"`"
    local dialog_text="`gettext \"Tor is not ready. Start Tor Browser anyway?\"`"
    local dialog_start="`gettext \"Start Tor Browser\"`"
    local dialog_cancel="`gettext \"Cancel\"`"
50
    zenity --question --ellipsize --title "$dialog_title" --text="$dialog_text" \
51
           --default-cancel --ok-label "$dialog_start" --cancel-label "$dialog_cancel"
52 53 54 55
}

start_browser() {
    if [ ! -d "${PROFILE}" ]; then
56
        /usr/local/lib/generate-tor-browser-profile
57 58
    fi

59 60 61 62
    TMPDIR="${PROFILE}/tmp"
    mkdir --mode=0700 -p "$TMPDIR"
    export TMPDIR

63 64
    configure_tor_browser_memory_usage "${PROFILE}"

65 66 67
    # We need to set general.useragent.locale properly to get
    # localized search plugins (and perhaps other things too). It is
    # not enough to simply set intl.locale.matchOS to true.
68 69
    configure_best_tor_browser_locale "${PROFILE}"

70
    exec_firefox -allow-remote --class "Tor Browser" -profile "${PROFILE}" "${@}"
71 72 73
}


segfault's avatar
segfault committed
74
if tor_has_bootstrapped || ask_for_confirmation; then
75 76 77 78 79 80
    # Torbutton 1.5.1+ uses those environment variables
    export TOR_SOCKS_HOST='127.0.0.1'
    export TOR_SOCKS_PORT='9150'

    start_browser "${@}"
fi