Skip to content
GitLab
  • Menu
Projects Groups Snippets
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in / Register
  • T tails
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
  • Issues 920
    • Issues 920
    • List
    • Boards
    • Service Desk
    • Milestones
  • Merge requests 21
    • Merge requests 21
  • CI/CD
    • CI/CD
    • Pipelines
    • Jobs
    • Schedules
  • Deployments
    • Deployments
    • Environments
    • Releases
  • Monitor
    • Monitor
    • Incidents
  • Analytics
    • Analytics
    • Value stream
    • CI/CD
    • Repository
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
Collapse sidebar
  • tails
  • tails
  • Issues
  • #14508
Closed
Open
Created Aug 30, 2017 by jvoisin@jvoisinReporter

Get critical parts of Tails audited

Originally created by @jvoisin on #14508 (Redmine)

It would be nice to have to following parts or Tails audited:

  • Audit whatever upgrade mechanism we replace the current Tails Upgrader with in the “Rethink upgrade/installation” effort (possible in ca. 2 years probably).
    • Audit the current implementation of Tails Upgrader. (Low prio since it will be obsoleted by the above point. ca. 1 kLoC of perl (but big parts are irrelevant since it is about generating IUKs.)
  • Audit Tails Security Check (config/chroot_local-includes/usr/local/bin/tails-security-check, ~200 LoC.)
  • Torification escapes for the Live user and other critical users
  • Persistence
    • Arbitrary persistence by the Live user
    • Permissions of the device and data of the persistent device (Audit should be less than a day)
  • Audit anonym’s Thunderbird auto-config patches (Javascript, 9 files changed, 254 insertions(+), 99 deletions(-).)

Related issues

  • Related to #7465 (closed)
  • Related to #11051 (closed)
Edited Oct 18, 2020 by intrigeri
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information
Assignee
Assign to
Time tracking