Commit dec5522b authored by segfault's avatar segfault
Browse files

Merge branch 'devel' into bugfix/16952-keepassxc-not-in-POTFILES.in

parents e7223e5b 0a1ea458
......@@ -60,7 +60,7 @@ for origin in $(list_origins) ; do
# code complexity (=> higher maintenance cost).
#
# XXX: Bullseye: bump the end of the range of major versions
for major in $(seq 3 4 5) ; do
for major in $(seq 3 5); do
for minor in $(seq 0 32); do
for suffix in "" alpha beta rc ; do
for suffix_n in "" $(seq 1 8); do
......
diff --git a/etc/apparmor.d/torbrowser.Browser.firefox b/etc/apparmor.d/torbrowser.Browser.firefox
index 9f269e1..82def53 100644
index f782f35..a80365d 100644
--- a/etc/apparmor.d/torbrowser.Browser.firefox
+++ b/etc/apparmor.d/torbrowser.Browser.firefox
@@ -1,10 +1,11 @@
@@ -1,11 +1,12 @@
#include <tunables/global>
#include <tunables/torbrowser>
......@@ -10,31 +10,30 @@ index 9f269e1..82def53 100644
+@{torbrowser_firefox_executable} = /usr/local/lib/tor-browser/firefox.real
profile torbrowser_firefox @{torbrowser_firefox_executable} {
#include <abstractions/audio>
#include <abstractions/gnome>
+ #include <abstractions/ibus>
# Uncomment the following lines if you want to give the Tor Browser read-write
# access to most of your personal files.
@@ -25,13 +26,16 @@ profile torbrowser_firefox @{torbrowser_firefox_executable} {
@@ -14,6 +15,7 @@ profile torbrowser_firefox @{torbrowser_firefox_executable} {
# Audio support
/{,usr/}bin/pulseaudio Pixr,
+ /etc/asound.conf r,
#dbus,
network netlink raw,
@@ -29,6 +31,8 @@ profile torbrowser_firefox @{torbrowser_firefox_executable} {
deny /etc/passwd r,
deny /etc/group r,
deny /etc/mailcap r,
+ deny @{HOME}/.local/share/gvfs-metadata/home r,
+ deny /run/resolvconf/resolv.conf r,
- deny /etc/machine-id r,
- deny /var/lib/dbus/machine-id r,
+ /etc/machine-id r,
+ /var/lib/dbus/machine-id r,
/dev/ r,
/dev/shm/ r,
+ owner @{PROC}/@{pid}/environ r,
owner @{PROC}/@{pid}/fd/ r,
owner @{PROC}/@{pid}/mountinfo r,
owner @{PROC}/@{pid}/stat r,
@@ -39,32 +43,36 @@ profile torbrowser_firefox @{torbrowser_firefox_executable} {
/etc/machine-id r,
/var/lib/dbus/machine-id r,
@@ -44,36 +48,35 @@ profile torbrowser_firefox @{torbrowser_firefox_executable} {
owner @{PROC}/@{pid}/task/*/stat r,
@{PROC}/sys/kernel/random/uuid r,
......@@ -50,13 +49,17 @@ index 9f269e1..82def53 100644
- owner @{torbrowser_home_dir}/*.so mr,
- owner @{torbrowser_home_dir}/.cache/fontconfig/ rwk,
- owner @{torbrowser_home_dir}/.cache/fontconfig/** rwkl,
- owner @{torbrowser_home_dir}/components/*.so mr,
- owner @{torbrowser_home_dir}/browser/components/*.so mr,
- owner @{torbrowser_home_dir}/browser/** r,
- owner @{torbrowser_home_dir}/{,browser/}components/*.so mr,
- owner @{torbrowser_home_dir}/Downloads/ rwk,
- owner @{torbrowser_home_dir}/Downloads/** rwk,
- owner @{torbrowser_home_dir}/firefox rix,
- owner @{torbrowser_home_dir}/{,TorBrowser/UpdateInfo/}updates/[0-9]*/updater ix,
- owner @{torbrowser_home_dir}/{,TorBrowser/UpdateInfo/}updates/0/MozUpdater/bgupdate/updater ix,
- owner @{torbrowser_home_dir}/{,TorBrowser/UpdateInfo/}updates/[0-9]*/* rw,
- owner @{torbrowser_home_dir}/{,TorBrowser/UpdateInfo/}updates/[0-9]*/{,MozUpdater/bgupdate/}updater ix,
- owner @{torbrowser_home_dir}/TorBrowser/Data/Browser/.parentwritetest rw,
- owner @{torbrowser_home_dir}/TorBrowser/Data/Browser/profiles.ini r,
- owner @{torbrowser_home_dir}/TorBrowser/Data/Browser/profile.default/ r,
- owner @{torbrowser_home_dir}/TorBrowser/Data/Browser/profile.default/{,**} rwk,
- owner @{torbrowser_home_dir}/TorBrowser/Data/fontconfig/fonts.conf r,
- owner @{torbrowser_home_dir}/TorBrowser/Tor/tor px,
- owner @{torbrowser_home_dir}/TorBrowser/Tor/ r,
- owner @{torbrowser_home_dir}/TorBrowser/Tor/*.so mr,
......@@ -74,8 +77,7 @@ index 9f269e1..82def53 100644
+ owner @{HOME}/.mozilla/firefox/bookmarks/** rwk,
+ owner /live/persistence/TailsData_unlocked/bookmarks/ rwk,
+ owner /live/persistence/TailsData_unlocked/bookmarks/** rwk,
+ owner @{HOME}/.tor-browser/profile.default/ r,
+ owner @{HOME}/.tor-browser/profile.default/** rwk,
+ owner @{HOME}/.tor-browser/profile.default/{,**} rwk,
+
+ /etc/xul-ext/ r,
+ /etc/xul-ext/** r,
......@@ -83,19 +85,19 @@ index 9f269e1..82def53 100644
+ /usr/local/share/tor-browser-extensions/** rk,
+ /usr/share/{xul-,web}ext/ r,
+ /usr/share/{xul-,web}ext/** r,
+ /usr/share/mozilla/extensions/ r,
+ /usr/share/mozilla/extensions/** r,
+ /usr/share/{chromium,mozilla}/extensions/ r,
+ /usr/share/{chromium,mozilla}/extensions/** r,
+
+ /usr/share/doc/tails/website/ r,
+ /usr/share/doc/tails/website/** r,
# Web Content processes
- owner @{torbrowser_firefox_executable} px -> torbrowser_plugin_container,
+ @{torbrowser_firefox_executable} px -> torbrowser_plugin_container,
# parent Firefox process when restarting after upgrade, Web Content processes
- owner @{torbrowser_firefox_executable} ixmr -> torbrowser_firefox,
+ @{torbrowser_firefox_executable} ixmr -> torbrowser_firefox,
/etc/mailcap r,
/etc/mime.types r,
@@ -88,12 +96,6 @@ profile torbrowser_firefox @{torbrowser_firefox_executable} {
@@ -97,12 +100,6 @@ profile torbrowser_firefox @{torbrowser_firefox_executable} {
/sys/devices/system/node/node[0-9]*/meminfo r,
deny /sys/devices/virtual/block/*/uevent r,
......@@ -108,7 +110,7 @@ index 9f269e1..82def53 100644
# Required for multiprocess Firefox (aka Electrolysis, i.e. e10s)
owner /{dev,run}/shm/org.chromium.* rw,
@@ -107,6 +109,29 @@ profile torbrowser_firefox @{torbrowser_firefox_executable} {
@@ -116,6 +113,29 @@ profile torbrowser_firefox @{torbrowser_firefox_executable} {
deny @{HOME}/.cache/fontconfig/** rw,
deny @{HOME}/.config/gtk-2.0/ rw,
deny @{HOME}/.config/gtk-2.0/** rw,
......@@ -138,7 +140,7 @@ index 9f269e1..82def53 100644
deny @{PROC}/@{pid}/net/route r,
deny /sys/devices/system/cpu/cpufreq/policy[0-9]*/cpuinfo_max_freq r,
deny /sys/devices/system/cpu/*/cache/index[0-9]*/size r,
@@ -122,5 +147,10 @@ profile torbrowser_firefox @{torbrowser_firefox_executable} {
@@ -132,5 +152,10 @@ profile torbrowser_firefox @{torbrowser_firefox_executable} {
/etc/xfce4/defaults.list r,
/usr/share/xfce4/applications/ r,
......@@ -148,121 +150,6 @@ index 9f269e1..82def53 100644
+ deny owner /var/tmp/** rwklx,
+ deny /var/tmp/ rwklx,
+ deny owner /tmp/** rwklx,
+ deny /tmp/ rwklx,
}
diff --git a/etc/apparmor.d/torbrowser.Browser.plugin-container b/etc/apparmor.d/torbrowser.Browser.plugin-container
index fdf5fda..4015928 100644
--- a/etc/apparmor.d/torbrowser.Browser.plugin-container
+++ b/etc/apparmor.d/torbrowser.Browser.plugin-container
@@ -1,7 +1,7 @@
#include <tunables/global>
#include <tunables/torbrowser>
-@{torbrowser_firefox_executable} = /home/*/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/Browser/firefox.real
+@{torbrowser_firefox_executable} = /usr/local/lib/tor-browser/firefox.real
profile torbrowser_plugin_container {
#include <abstractions/gnome>
@@ -12,9 +12,9 @@ profile torbrowser_plugin_container {
# - the "deny" word in the machine-id lines
# - the rules that deny reading /etc/pulse/client.conf
# and executing /usr/bin/pulseaudio
- # #include <abstractions/audio>
- # /etc/asound.conf r,
- # owner @{torbrowser_home_dir}/TorBrowser/Data/Browser/profile.default/tmp/mozilla-temp-* rw,
+ #include <abstractions/audio>
+ /etc/asound.conf r,
+ owner @{HOME}/.tor-browser/profile.default/tmp/mozilla-temp-* rw,
signal (receive) set=("term") peer=torbrowser_firefox,
@@ -26,8 +26,8 @@ profile torbrowser_plugin_container {
deny /etc/group r,
deny /etc/mailcap r,
- deny /etc/machine-id r,
- deny /var/lib/dbus/machine-id r,
+ /etc/machine-id r,
+ /var/lib/dbus/machine-id r,
/etc/mime.types r,
/usr/share/applications/gnome-mimeapps.list r,
@@ -42,34 +42,31 @@ profile torbrowser_plugin_container {
owner @{PROC}/@{pid}/task/*/stat r,
@{PROC}/sys/kernel/random/uuid r,
- owner @{torbrowser_home_dir}/*.dat r,
- owner @{torbrowser_home_dir}/*.manifest r,
- owner @{torbrowser_home_dir}/*.so mr,
- owner @{torbrowser_home_dir}/.cache/fontconfig/ rw,
- owner @{torbrowser_home_dir}/.cache/fontconfig/** rw,
- owner @{torbrowser_home_dir}/browser/** r,
- owner @{torbrowser_home_dir}/components/*.so mr,
- owner @{torbrowser_home_dir}/browser/components/*.so mr,
- owner @{torbrowser_home_dir}/defaults/pref/ r,
- owner @{torbrowser_home_dir}/defaults/pref/*.js r,
- owner @{torbrowser_home_dir}/dependentlibs.list r,
- owner @{torbrowser_home_dir}/fonts/ r,
- owner @{torbrowser_home_dir}/fonts/** r,
- owner @{torbrowser_home_dir}/omni.ja r,
- owner @{torbrowser_home_dir}/TorBrowser/Data/Browser/profile.default/extensions/*.xpi r,
- owner @{torbrowser_home_dir}/TorBrowser/Data/Browser/profiles.ini r,
- owner @{torbrowser_home_dir}/TorBrowser/UpdateInfo/updates/[0-9]*/update.{status,version} r,
- owner @{torbrowser_home_dir}/TorBrowser/UpdateInfo/updates/[0-9]/updater rw,
- owner @{torbrowser_home_dir}/TorBrowser/Data/Browser/profile.default/startupCache/* r,
- owner @{torbrowser_home_dir}/TorBrowser/Data/Browser/profile.default/tmp/* rw,
- owner @{torbrowser_home_dir}/TorBrowser/Data/fontconfig/fonts.conf r,
- owner @{torbrowser_home_dir}/TorBrowser/Tor/ r,
- owner @{torbrowser_home_dir}/TorBrowser/Tor/*.so mr,
- owner @{torbrowser_home_dir}/TorBrowser/Tor/*.so.* mr,
- owner @{torbrowser_home_dir}/Downloads/ rwk,
- owner @{torbrowser_home_dir}/Downloads/** rwk,
-
- owner @{torbrowser_firefox_executable} ixmr -> torbrowser_plugin_container,
+ @{torbrowser_home_dir}/ r,
+ @{torbrowser_home_dir}/** mr,
+
+ owner @{HOME}/.tor-browser/profile.default/startupCache/* r,
+ owner @{HOME}/.tor-browser/profile.default/tmp/* rw,
+
+ owner "@{HOME}/Tor Browser/" rw,
+ owner "@{HOME}/Tor Browser/**" rwk,
+ owner "@{HOME}/Persistent/Tor Browser/" rw,
+ owner "@{HOME}/Persistent/Tor Browser/**" rwk,
+
+ owner @{HOME}/.tor-browser/profile.default/extensions/*.xpi r,
+ /etc/xul-ext/ r,
+ /etc/xul-ext/** r,
+ /usr/local/share/tor-browser-extensions/ r,
+ /usr/local/share/tor-browser-extensions/** rk,
+ /usr/share/{xul-,web}ext/ r,
+ /usr/share/{xul-,web}ext/** r,
+ /usr/share/mozilla/extensions/ r,
+ /usr/share/mozilla/extensions/** r,
+
+ /usr/share/doc/tails/website/ r,
+ /usr/share/doc/tails/website/** r,
+
+ @{torbrowser_firefox_executable} ixmr -> torbrowser_plugin_container,
/sys/devices/system/cpu/ r,
/sys/devices/system/cpu/present r,
@@ -95,10 +92,16 @@ profile torbrowser_plugin_container {
deny @{PROC}/@{pid}/net/route r,
deny /sys/devices/system/cpu/cpufreq/policy[0-9]*/cpuinfo_max_freq r,
deny /sys/devices/system/cpu/*/cache/index[0-9]*/size r,
+ deny @{HOME}/.cache/fontconfig/ w,
# Silence denial logs about PulseAudio
deny /etc/pulse/client.conf r,
deny /usr/bin/pulseaudio x,
- #include <local/torbrowser.Browser.plugin-container>
+ # Deny access to global tmp directories, that's granted by the user-tmp
+ # abstraction, which is sourced by the gnome abstraction, that we include.
+ deny owner /var/tmp/** rwklx,
+ deny /var/tmp/ rwklx,
+ deny owner /tmp/** rwklx,
+ deny /tmp/ rwklx,
}
diff --git a/etc/apparmor.d/tunables/torbrowser b/etc/apparmor.d/tunables/torbrowser
......
......@@ -4,14 +4,7 @@ tails (4.0~beta1) UNRELEASED; urgency=medium
- Upgrade to a snapshot of Debian 10 (Buster) from 2018-08-06.
* Removed features
- Remove Traverso. It was removed from testing and won't be in
Buster unless it's fixed pretty quickly. Given it's on our list
of candidates for removal (#15291), I've had exactly zero
indication that anyone uses it in Tails (quite the opposite:
I've been told by users they use other software for these
needs), and there's been no major upstream change for a long
time, I don't think it's worth worrying.
- Remove scribus completly (refs: 16290).
- Remove scribus completely (refs: 16290).
- Remove LibreOffice Math (#16911).
* Bugfixes
......@@ -70,7 +63,7 @@ tails (4.0~beta1) UNRELEASED; urgency=medium
reintroduced it.
- Remove KeePassX and replace it with KeePassXC. (refs: #15297). As
KeePassX was used around for a longer time, we don't need
automatic upgrading cappability from old KeePass file format
automatic upgrading capability from old KeePass file format
(Tails 2 times). The user can still import those old files, if
they want to access it.
- Disable live-tools.service (Closes: #16324). This service is only
......@@ -368,12 +361,12 @@ tails (4.0~beta1) UNRELEASED; urgency=medium
touch call makes sure that gnome-shell refreshes the icons, as
the property change itself isn't sufficient.
- Show images for icons on desktop. (refs: #16283) Somewhen
@metadata::trusted yes@ whas the right thing to do, but nowadays
@metadata::trusted yes@ was the right thing to do, but nowadays
you have to use @metadata::trusted true@. What was taking me one
day to spot. The internet has still a lot reference to
@metadata::trusted yes@. I added also Requires and After to the
service file, to make sure systemd starts gvfs-metadata deamon
before ours. We need this DBus interface to be availabe to get
service file, to make sure systemd starts gvfs-metadata daemon
before ours. We need this DBus interface to be available to get
gio working.
- Use XDG logic to find the correct icon. That should result in
less blurry icons on the desktop, as it takes the correct sizes,
......
......@@ -6,6 +6,13 @@ def looks_like_dhcp_packet?(eth_packet, protocol, sport, dport, ip_packet)
ip_packet && ip_packet.ip_daddr == "255.255.255.255"
end
def is_rarp_packet?(p)
# Details: https://www.netometer.com/qa/rarp.html#A13
p.force_encoding("UTF-8").start_with?(
"\xFF\xFF\xFF\xFF\xFF\xFFRT\x00\xAC\xDD\xEE\x805\x00\x01\b\x00\x06"
) && (p[19] == "\x03" || p[19] == "\x04")
end
# Returns the unique edges (based on protocol, source/destination
# address/port) in the graph of all network flows.
def pcap_connections_helper(pcap_file, opts = {})
......@@ -18,9 +25,14 @@ def pcap_connections_helper(pcap_file, opts = {})
if PacketFu::EthPacket.can_parse?(p)
eth_packet = PacketFu::EthPacket.parse(p)
else
raise FirewallAssertionFailedError.new(
'Found something that is not an ethernet packet'
)
if is_rarp_packet?(p)
# packetfu cannot parse RARP, see #16825.
next
else
raise FirewallAssertionFailedError.new(
'Found something that is not an ethernet packet'
)
end
end
sport = nil
dport = nil
......
......@@ -74,12 +74,11 @@ def try_for(timeout, options = {})
# than we do it in this function, this means that there is a
# try_for below us in the stack to which this exception must be
# unique to.
# Let 1 be the base step, and 2 the inductive step, and we sort of
# an inductive proof for the correctness of try_for when it's
# nested. It shows that for an infinite stack of try_for:s, any of
# the unique exceptions will be caught only by the try_for instance
# it is unique to, and all try_for:s in between will ignore it so it
# ends up there immediately.
# Let 1 be the base step, and 2 the inductive step, and we have a
# inductive argument for the correctness of nested try_for. It shows
# that for an arbitrary large stack of try_for:s, any of the unique
# exceptions will be caught only by the try_for instance it is
# unique to, and all try_for:s in between will ignore it.
rescue unique_timeout_exception => e
msg = options[:msg] || 'try_for() timeout expired'
exc_class = options[:exception] || Timeout::Error
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment