Bug #16914

"More information" link in OnionShare settings doesn't open

Added by sajolida 2019-07-28 15:57:48. Updated 2019-08-31 16:42:19.

Status: Resolved
Priority: Normal
Assignee:
Category:
Target version:
Start date:
Due date:
% Done: 100%
Feature Branch: bugfix/16914-onionshare-xdg-open
Type of work: Code
Blueprint:
Starter:
Affected tool: OnionShare
Deliverable for:
Description

In a64f183bae:

  1. Open OnionShare
  2. Open the Settings dialog
  3. Click on “More information”
  4. Nothing happens

Related issues

Related to Tails - Bug #16913: Hide Tor settings in OnionShare (Confirmed)
Blocks Tails - Feature #16209: Core work: Foundations Team (Confirmed)

History

#1 Updated by intrigeri 2019-08-11 10:18:07

  • Status changed from New to Confirmed
  • Assignee set to intrigeri

That’s caused by AppArmor:

audit[9159]: AVC apparmor="DENIED" operation="exec" profile="/usr/bin/onionshare-gui" name="/usr/bin/xdg-open" pid=9159 comm="onionshare-gui" requested_mask="x" denied_mask="x" fsuid=1000 ouid=0

Unfortunately, there’s probably no way to allow this without also allowing OnionShare to do tons of other dangerous things. I’ll think about it some more.

@sajolida, do you agree that while it’s annoying, it’s yet another smallish bug, not particularly more important/urgent than others we’ve known for years, and therefore not a blocker for the 4.0 release?

#2 Updated by sajolida 2019-08-14 10:16:03

  • related to Bug #16913: Hide Tor settings in OnionShare added

#3 Updated by sajolida 2019-08-14 10:16:26

I agree.

This link is meant to open a webpage in Tor Browser. Many other applications already do that in Tails (e.g. Thunderbird and Pidgin), so maybe the way forward would be to change how this is done in the upstream code to be compatible with Tails.

#4 Updated by intrigeri 2019-08-16 15:36:47

> so maybe the way forward would be to change how this is done in the upstream code to be compatible with Tails.

The upstream code already does the same thing as Pidgin or Thunderbird.

To fix this, we need to open up the AppArmor profile a bit. We’ve done so (well, I did that on my volunteer time) in AppArmor upstream for Pidgin and Thunderbird because it felt like opening links was part of their core functionality that the vast majority of users expect to work out-of-the-box. The situation is quite different for a “More information” link in a Settings dialog that I bet most users won’t ever open. I’ll take a look at some point to see if the security risk vs. benefit is worth it. I bet the risk is low and we’ll fix that, but I have to check. Either way, that does not sound like a 4.0 release blocker.

#5 Updated by intrigeri 2019-08-29 10:09:25

  • Assignee deleted (intrigeri)

#6 Updated by segfault 2019-08-29 14:06:01

  • Assignee set to segfault

#7 Updated by segfault 2019-08-29 14:10:31

  • Status changed from Confirmed to In Progress

Applied in changeset commit:tails|da0c51164490b662be091f5d67a724019786394e.

#8 Updated by segfault 2019-08-29 14:10:53

  • Status changed from In Progress to Needs Validation
  • Assignee deleted (segfault)
  • Feature Branch set to bugfix/16914-onionshare-xdg-open

#9 Updated by intrigeri 2019-08-29 16:56:51

  • Status changed from Needs Validation to In Progress

Hi @segfault,

I’ve applied these changes to the AppArmor profile in a running Tails (built from devel earlier today) and clicking that link still fails. In the logs, I see a denial about an attempt to execute /usr/lib/x86_64-linux-gnu/glib-2.0/gio-launch-desktop. Same when clicking the “Help” button. I wonder what’s the difference between my test environment and yours. Maybe we need to steal the rule about gio-launch-desktop that I see in the evince and thunderbird profiles?

#10 Updated by intrigeri 2019-08-29 16:58:36

(In any case, it’s not a release blocker, so if you have extra time for Tails today or later this week, better do the code review of Bug #12092 and we can handle this one later :)

#11 Updated by intrigeri 2019-08-31 15:08:17

#12 Updated by intrigeri 2019-08-31 15:09:04

  • Assignee set to intrigeri

(This seems to be the kind of simple things I can handle in the state I am in today.)

#13 Updated by intrigeri 2019-08-31 16:15:32

  • Status changed from In Progress to Needs Validation
  • Assignee deleted (intrigeri)

#14 Updated by intrigeri 2019-08-31 16:16:19

(I’ve built an image locally and verified it fixes the bug. This branch impacts nothing that we test on Jenkins so I’m not waiting for CI to pass before submitting for review.)

#15 Updated by segfault 2019-08-31 16:42:19

  • Status changed from Needs Validation to Resolved
  • % Done changed from 0 to 100

Applied in changeset commit:tails|02ea848c9705e6a8e7740a9a61286204858eb317.
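
Added example, not part of the original ticket and not Tails or OnionShare code: a small triage script that parses AppArmor AVC records like the one quoted in comment #1 and lists, per profile, every binary whose exec was denied, which is how the second denial reported in comment #9 would show up next to the first. The first sample line is copied from the ticket; the second and third are constructed (only the gio-launch-desktop path comes from the ticket), and the function names are this example's own.

```python
import re
import shlex
from collections import defaultdict

# Line 1 is the denial quoted in comment #1. Lines 2 and 3 are constructed
# for this example: line 2 uses the path named in comment #9 with made-up
# pid values, line 3 is an unrelated record that must be ignored.
SAMPLE_LOG = '''\
audit[9159]: AVC apparmor="DENIED" operation="exec" profile="/usr/bin/onionshare-gui" name="/usr/bin/xdg-open" pid=9159 comm="onionshare-gui" requested_mask="x" denied_mask="x" fsuid=1000 ouid=0
audit[9201]: AVC apparmor="DENIED" operation="exec" profile="/usr/bin/onionshare-gui" name="/usr/lib/x86_64-linux-gnu/glib-2.0/gio-launch-desktop" pid=9201 comm="onionshare-gui" requested_mask="x" denied_mask="x" fsuid=1000 ouid=0
audit[9300]: AVC apparmor="ALLOWED" operation="open" profile="/usr/bin/example" name="/etc/hosts" pid=9300 comm="example" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
'''

AVC_RE = re.compile(r'\bAVC\s+(apparmor=.*)$')


def parse_avc(line):
    """Return the key=value fields of an AppArmor AVC record, or None."""
    match = AVC_RE.search(line)
    if not match:
        return None
    fields = {}
    # shlex keeps double-quoted values intact, so paths with spaces survive.
    for token in shlex.split(match.group(1)):
        key, sep, value = token.partition('=')
        if sep:
            fields[key] = value
    return fields


def denied_execs(log_text):
    """Map each profile to the sorted list of binaries it was denied to exec."""
    result = defaultdict(set)
    for line in log_text.splitlines():
        rec = parse_avc(line)
        if rec and rec.get('apparmor') == 'DENIED' and rec.get('operation') == 'exec':
            result[rec.get('profile', '?')].add(rec.get('name', '?'))
    return {profile: sorted(names) for profile, names in result.items()}


if __name__ == '__main__':
    for profile, names in denied_execs(SAMPLE_LOG).items():
        print(profile)
        for name in names:
            # Which exec transition to grant, if any, stays a review decision.
            print('  denied exec:', name)
```

The script only reports what was denied; it deliberately does not generate profile rules, since the ticket's discussion is about whether widening the profile is worth the risk.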