Commit f30ae4e5 authored by anonym's avatar anonym
Browse files

Merge remote-tracking branch 'origin/devel' into bugfix/8007-AppArmor-hardening

Conflicts:
	features/evince.feature
	features/images/TorBrowserUnableToOpen.png
	features/torified_browsing.feature
	features/totem.feature
parents 26731de8 0525d220
/* Required, do not remove */
@namespace url("http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul");
/* Hide Firefox Sync options. Sync hasn't been audited by the
Tor Browser developers yet (Tor bug #10368), and it doesn't seem to
work any way (Tor bug #13279). Weak passwords would be a pretty
serious issue too. */
#BrowserPreferences radio[pane="paneSync"],
#sync-button,
#sync-menu-button,
#sync-setup,
#sync-setup-appmenu,
#sync-status-button,
#sync-syncnowitem-appmenu,
#wrapper-sync-button,
/* Hide the Tools -> Apps link to the Firefox Marketplace. It doesn't
seem to work in the Tor Browser, and may have privacy issues. */
#menu_openApps,
/* Hide the "Share this page" button in the Tool bar, which encourages
the use of social (= tracking) networks. Note that this one likely
will be removed upstream in the final Tor Browser 5.0 release. */
#social-share-button,
/* Hide HTTPS Everywhere button in the toolbar */
#https-everywhere-button { display: none; }
......@@ -78,3 +78,18 @@ pref("extensions.update.enabled", false);
pref("layout.spellcheckDefault", 0);
pref("network.dns.disableIPv6", true);
pref("security.warn_submit_insecure", true);
// Disable fetching of the new tab page's Tiles links/ads. Ads are
// generally unwanted, and also the fetching is a "phone home" type of
// feature that generates traffic at least the first time the browser
// is started.
pref("browser.newtabpage.directory.source", "");
pref("browser.newtabpage.directory.ping", "");
// ... and disable the explanation shown the first time
pref("browser.newtabpage.introShown", true);
// Don't use geographically specific search prefs, like
// browser.search.*.US for US locales. Our generated amnesia branding
// add-on localizes search-engines in an incompatible but equivalent
// way.
pref("browser.search.geoSpecificDefaults", false);
......@@ -15,3 +15,10 @@ pref("extensions.getAddons.showPane", false);
for several minutes while trying to communicate with CUPS, since
access to port 631 isn't allowed through. */
pref("print.postscript.cups.enabled", false);
// Disable fetching of the new tab page's Tiles links/ads. It will not
// work in the I2P Browser.
pref("browser.newtabpage.directory.source", "");
pref("browser.newtabpage.directory.ping", "");
// ... and disable the explanation shown the first time
pref("browser.newtabpage.introShown", true);
......@@ -24,7 +24,13 @@
#wrapper-history-button,
#wrapper-bookmarks-button,
/* Remove the Addons menu options */
/* Hide the Tools -> Apps link to the Firefox Marketplace, and
Tools -> Add-ons link to the Add-ons manager. We do not want to
encourage installing such things as it's not part of the supported
use-cases and may have privacy issues. Also they will not persist a
restart, which is just confusing. In the I2P Browser, many of these
features will not work any way. */
#menu_openApps,
#menu_openAddons, /* traditional menu */
#add-ons-button, /* new style Firefox menu */
#wrapper-add-ons-button, /* Customize toolbar */
......@@ -70,6 +76,12 @@ menuitem[command="Browser:SendLink"],
#sync-syncnowitem-appmenu,
#wrapper-sync-button,
/* Hide the "Share this page" button in the Tool bar, which encourages
the use of social (= tracking) networks. These will not work in the
I2P browser any way. Note that this one likely will be removed
upstream in the final Tor Browser 5.0 release. */
#social-share-button,
/* Hide the "Keyboard shortcuts" and "Tour" options from
from the Help menu */
#menu_keyboardShortcuts,
......
http://torbrowser-archive.tails.boum.org/4.5.3-build2/
http://people.torproject.org/~mikeperry/builds/5.0a4-build3/
9a6425afeeae40f1cd7ebd3dd0a8672b8ed13e4df1863282ee39607c5b3cea2d tor-browser-linux32-4.5.3_ar.tar.xz
d9af6bf2585ac7905534fecd8c9df016fa833ba90b95babdfbf7b2225760c774 tor-browser-linux32-4.5.3_de.tar.xz
154d659583048e91870c40921561f0519babf6d3c9ac439f6fb74ed66824463f tor-browser-linux32-4.5.3_en-US.tar.xz
196cfd81e726d0e1f7ecf0fe0183eac6b7e2cf8e8c5bc89b9105ce4d82e0922a tor-browser-linux32-4.5.3_es-ES.tar.xz
61dfee81c930f1b6c12911917b880bd62f99a7e61fdcc3d8d5cb71657770adeb tor-browser-linux32-4.5.3_fa.tar.xz
dcb98570ac927298a086771524b283ee4f64268b72d0b5ec36268817073612aa tor-browser-linux32-4.5.3_fr.tar.xz
6d94c31bf8ed708a49e0e4ecdbfd7c20db1b382fe4d8039971aadd8c87240fc6 tor-browser-linux32-4.5.3_it.tar.xz
59dad0fbcbc8fd02953af03cb587c1b89d534812c6580d9cd78e883c55f2b34c tor-browser-linux32-4.5.3_ko.tar.xz
0cf9401dd5383212871c12bc7c7db44953aa4796db2692528c949ebc2b0219e3 tor-browser-linux32-4.5.3_nl.tar.xz
487ebbe2260666476a9a72e927025783567767dc3fc1c5403ad60e7f37c80734 tor-browser-linux32-4.5.3_pl.tar.xz
78688df77ad688c0458e5ff959b5ff1bf5579435ee480093e98f9ad537400dbd tor-browser-linux32-4.5.3_pt-PT.tar.xz
0a1cbdae6e13dad17ab228970a3b7c0c1dd86c71c1ad4950d4c591947be1b04b tor-browser-linux32-4.5.3_ru.tar.xz
4ebce91c056b67e4b2aed183d816d299b005111f895f726d2bd49494231a76cb tor-browser-linux32-4.5.3_tr.tar.xz
71a80614bee6a0349b3e9e297c08925d0a6682768bf3f43352586d4c28e7dacd tor-browser-linux32-4.5.3_vi.tar.xz
6675936035691de5e20ac899c5c1a004462b41e38bda29040aba7351ca4fb3b2 tor-browser-linux32-4.5.3_zh-CN.tar.xz
14463ac344a60e08187566de3ff97796f5f8f1d20356c7ea434fbc50c1e107e6 tor-browser-linux32-5.0a4_ar.tar.xz
95da22c9ddd3a84d1c064e7cc90b5a47faf6642a1128a815878c4d0ef5e31d51 tor-browser-linux32-5.0a4_de.tar.xz
adb15b4526dd85c449af5cf088b462cb73539285098ddbd7cb429ccd205c0861 tor-browser-linux32-5.0a4_en-US.tar.xz
77fd6cdc2781a5191c57d2232914abc8816660db884c7e679f8834e2f165cf4a tor-browser-linux32-5.0a4_es-ES.tar.xz
3b8fac32a86383fe7cfb890177b86ccb607aacca1a0ce68578c6166ca53280ce tor-browser-linux32-5.0a4_fa.tar.xz
009e1b9b23ae4f5d62d0700aaf390108c0ba1cd686cc2233762112fa90f29a8f tor-browser-linux32-5.0a4_fr.tar.xz
d755e1fe4a4c7b28d8333d3b57785f75cf2dfcc4126817c6e26212462b6d8c6d tor-browser-linux32-5.0a4_it.tar.xz
63b4beaca5c9c69e7be76ae08e92a5cd024e5176d0f0380edf1324c16e51be58 tor-browser-linux32-5.0a4_ko.tar.xz
8240527be7369e0541c26d2f216c6b98d23498d766c54e1ae20490894a57e6a8 tor-browser-linux32-5.0a4_nl.tar.xz
d12e1e4434ac673b9d2448aaf96c50896b6c1e0a4ca0a0ebb88cdebdbe9e1f9c tor-browser-linux32-5.0a4_pl.tar.xz
c9316225a26883d0627a3df40295835e5f2a831b393c90748937ac6b2e630854 tor-browser-linux32-5.0a4_pt-PT.tar.xz
09651300fc51e06a3ffc033a630eb58bd33c2901b377a605cb96549e1866013a tor-browser-linux32-5.0a4_ru.tar.xz
de55a1870d8636ef6543b57343bcc666f207f7288b48fd806284d46658e9865a tor-browser-linux32-5.0a4_tr.tar.xz
3ee683edc60f10861668ebcca92ffaecb4ca36ef0c7ffe96d8345724434c517e tor-browser-linux32-5.0a4_vi.tar.xz
f5e5c808f7a34cecc9dd1be4e4d9844da2b6a7778bb5a6146db2493e8f4ca5ea tor-browser-linux32-5.0a4_zh-CN.tar.xz
......@@ -17,3 +17,18 @@ pref("extensions.getAddons.showPane", false);
engine for the Unsafe Browser's in-the-clear traffic. */
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
// Disable fetching of the new tab page's Tiles links/ads. Ads are
// generally unwanted, and also the fetching is a "phone home" type of
// feature that generates traffic at least the first time the browser
// is started.
pref("browser.newtabpage.directory.source", "");
pref("browser.newtabpage.directory.ping", "");
// ... and disable the explanation shown the first time
pref("browser.newtabpage.introShown", true);
// Don't use geographically specific search prefs, like
// browser.search.*.US for US locales. Our generated amnesia branding
// add-on localizes search-engines in an incompatible but equivalent
// way.
pref("browser.search.geoSpecificDefaults", false);
/* Required, do not remove */
@namespace url("http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul");
/* Remove the Addons menu options */
/* Hide Firefox Sync options. Sync hasn't been audited by the
Tor Browser developers yet (Tor bug #10368), and it doesn't seem to
work any way (Tor bug #13279). Weak passwords would be a pretty
serious issue too. */
#BrowserPreferences radio[pane="paneSync"],
#sync-button,
#sync-menu-button,
#sync-setup,
#sync-setup-appmenu,
#sync-status-button,
#sync-syncnowitem-appmenu,
#wrapper-sync-button,
/* Hide the Tools -> Apps link to the Firefox Marketplace, and
Tools -> Add-ons link to the Add-ons manager. We do not want to
encourage installing such things as it's not part of the supported
use-cases and may have privacy issues. Also they will not persist a
restart, which is just confusing. */
#menu_openApps,
#menu_openAddons, /* traditional menu */
#add-ons-button, /* new style Firefox menu */
#wrapper-add-ons-button, /* Customize toolbar */
/* Hide the "Share this page" button in the Tool bar, which encourages
the use of social (= tracking) networks. Note that this one likely
will be removed upstream in the final Tor Browser 5.0 release. */
#social-share-button,
/* Hide TorBrowser Health Report and its configuration option */
#appmenu_healthReport,
#dataChoicesTab,
......
......@@ -14,6 +14,7 @@ Feature: System memory erasure on shutdown
And at least 8 GiB of RAM was detected
And process "memlockd" is running
And process "udev-watchdog" is running
And udev-watchdog is monitoring the correct device
When I fill the guest's memory with a known pattern without verifying
And I reboot without wiping the memory
Then I find many patterns in the guest's memory
......@@ -28,6 +29,7 @@ Feature: System memory erasure on shutdown
And at least 8 GiB of RAM was detected
And process "memlockd" is running
And process "udev-watchdog" is running
And udev-watchdog is monitoring the correct device
When I fill the guest's memory with a known pattern
And I shutdown and wait for Tails to finish wiping the memory
Then I find very few patterns in the guest's memory
......@@ -42,6 +44,7 @@ Feature: System memory erasure on shutdown
And at least 3500 MiB of RAM was detected
And process "memlockd" is running
And process "udev-watchdog" is running
And udev-watchdog is monitoring the correct device
When I fill the guest's memory with a known pattern without verifying
And I reboot without wiping the memory
Then I find many patterns in the guest's memory
......@@ -56,6 +59,7 @@ Feature: System memory erasure on shutdown
And at least 3500 MiB of RAM was detected
And process "memlockd" is running
And process "udev-watchdog" is running
And udev-watchdog is monitoring the correct device
When I fill the guest's memory with a known pattern
And I shutdown and wait for Tails to finish wiping the memory
Then I find very few patterns in the guest's memory
......@@ -25,14 +25,20 @@ Feature: Using Evince
Then the file "/home/amnesia/.gnupg/default-testpage.pdf" exists
And the file "/lib/live/mount/overlay/home/amnesia/.gnupg/default-testpage.pdf" exists
And the file "/live/overlay/home/amnesia/.gnupg/default-testpage.pdf" exists
Given AppArmor has not denied "/usr/bin/evince" from opening "/home/amnesia/.gnupg/default-testpage.pdf"
When I try to open "/home/amnesia/.gnupg/default-testpage.pdf" with Evince
Then I see "EvinceUnableToOpen.png" after at most 10 seconds
And AppArmor has denied "/usr/bin/evince" from opening "/home/amnesia/.gnupg/default-testpage.pdf"
Given AppArmor has not denied "/usr/bin/evince" from opening "/lib/live/mount/overlay/home/amnesia/.gnupg/default-testpage.pdf"
When I close Evince
And I try to open "/lib/live/mount/overlay/home/amnesia/.gnupg/default-testpage.pdf" with Evince
Then I see "EvinceUnableToOpen.png" after at most 10 seconds
And AppArmor has denied "/usr/bin/evince" from opening "/lib/live/mount/overlay/home/amnesia/.gnupg/default-testpage.pdf"
Given AppArmor has not denied "/usr/bin/evince" from opening "/live/overlay/home/amnesia/.gnupg/default-testpage.pdf"
When I close Evince
And I try to open "/live/overlay/home/amnesia/.gnupg/default-testpage.pdf" with Evince
Then I see "EvinceUnableToOpen.png" after at most 10 seconds
And AppArmor has denied "/usr/bin/evince" from opening "/live/overlay/home/amnesia/.gnupg/default-testpage.pdf"
@keep_volumes
Scenario: Installing Tails on a USB drive, creating a persistent partition, copying PDF files to it
......@@ -57,5 +63,8 @@ Feature: Using Evince
Scenario: I cannot view a PDF file stored in persistent /home/amnesia/.gnupg
Given a computer
When I start Tails from USB drive "current" with network unplugged and I login with persistence password "asdf"
Then the file "/home/amnesia/Persistent/default-testpage.pdf" exists
Given AppArmor has not denied "/usr/bin/evince" from opening "/home/amnesia/.gnupg/default-testpage.pdf"
And I try to open "/home/amnesia/.gnupg/default-testpage.pdf" with Evince
Then I see "EvinceUnableToOpen.png" after at most 10 seconds
And AppArmor has denied "/usr/bin/evince" from opening "/home/amnesia/.gnupg/default-testpage.pdf"
features/images/I2P_router_console.png

3.73 KB | W: | H:

features/images/I2P_router_console.png

2.74 KB | W: | H:

features/images/I2P_router_console.png
features/images/I2P_router_console.png
features/images/I2P_router_console.png
features/images/I2P_router_console.png
  • 2-up
  • Swipe
  • Onion skin
features/images/OpenWithImportKey.png

2.59 KB | W: | H:

features/images/OpenWithImportKey.png

2.41 KB | W: | H:

features/images/OpenWithImportKey.png
features/images/OpenWithImportKey.png
features/images/OpenWithImportKey.png
features/images/OpenWithImportKey.png
  • 2-up
  • Swipe
  • Onion skin
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment