Feature #5648

Don't set Torbutton environment variables globally

Added by Tails 2013-07-18 07:43:59 . Updated 2014-10-16 08:10:22 .

Status:
Resolved
Priority:
Elevated
Assignee:
Category:
Target version:
Tails_1.2
Start date:
Due date:
% Done:

100%

Feature Branch:
feature/5648-dont-set-torbutton-environment-globally
Type of work:
Code
Blueprint:

Starter:
1
Affected tool:
Deliverable for:

Description

Commit 6a2de87 sets TOR_SOCKS_HOST and TOR_SOCKS_PORT globally to point to the SocksPort dedicated to Iceweasel. If some random piece of software took these envvars into account, then it would partially defeat our stream isolation design.

So, we should set these environment variables for Iceweasel only, e.g. in the wrapper that we will probably create anyway for dont autostart iceweasel (Feature #5735).

Files

0001-Don-t-set-Torbutton-environment-vars-globally.both.patch (2115 B) joelanders, 2014-08-01 11:18:53
0001-Don-t-set-Torbutton-environment-vars-globally.patch (1591 B) joelanders, 2014-08-01 11:18:53
0001-Don-t-set-Torbutton-environment-vars-globally.patch (1604 B) joelanders, 2014-08-03 14:45:29

Subtasks

History

#1 Updated by intrigeri 2013-07-19 09:08:21

  • Starter set to Yes

#2 Updated by BitingBird 2014-06-09 10:08:55

  • Subject changed from dont set torbutton environment variables globally to Don't set torbutton environment variables globally

#3 Updated by BitingBird 2014-06-21 14:23:01

  • Category set to Tor configuration

#4 Updated by intrigeri 2014-06-21 15:36:04

  • Subject changed from Don't set torbutton environment variables globally to Don't set Torbutton environment variables globally
  • Category deleted (Tor configuration)

(Reverting, this has nothing to do with Tor configuration.)

#5 Updated by joelanders 2014-08-01 11:19:23

Can we also move the TOR_CONTROL_{HOST,PORT,PASSWD} vars to the /usr/local/bin/iceweasel wrapper?

I’m not super familiar with all this, but it looks like those are only meant for Torbutton (I don’t think anything else points at the control port filter).

Two patches attached: one moves just the TOR_SOCKS_{HOST,PORT} vars, and the other also moves the TOR_CONTROL_{HOST,PORT,PASSWD} vars.

#6 Updated by intrigeri 2014-08-01 12:36:43

  • QA Check set to Info Needed

joelanders wrote:
> Can we also move the TOR_CONTROL_{HOST,PORT,PASSWD} vars to the /usr/local/bin/iceweasel wrapper?

Not that simply: I think that /usr/local/sbin/tails-tor-launcher uses TOR_CONTROL_HOST. But it redefines TOR_CONTROL_PORT (to talk directly to the unfiltered one) and unsets TOR_CONTROL_PASSWD, so it could as well set the TOR_CONTROL_HOST it needs itself: it’s not (directly) talking to the same software as Torbutton anyway, so it makes sense not to factorize this setting.

> Two patches attached: one moves just the TOR_SOCKS_{HOST,PORT} vars,

This one looks good. Let’s focus on getting in it first. Have you built and tested an ISO image with this patch applied?

> and the other also moves the TOR_CONTROL_{HOST,PORT,PASSWD} vars.

This one probably needs refinement, see above.

#7 Updated by intrigeri 2014-08-01 12:38:18

  • Assignee set to joelanders
  • Target version set to Tails_1.2
  • % Done changed from 0 to 10

joelanders, once you have answered my question above, please reassign this ticket to me, and set “QA Check” to “Ready for QA”. Thanks!

#8 Updated by intrigeri 2014-08-01 12:47:08

  • Status changed from Confirmed to In Progress

#9 Updated by joelanders 2014-08-01 20:31:21

I tested the smaller patch without doing an ISO build; figured I couldn’t avoid it for the bigger one (to make sure tor-launcher is okay). I’ll figure that out tomorrow!

#10 Updated by joelanders 2014-08-02 18:01:13

Ok, spent some time getting the ISO build process going.
I’m on arch linux, so some packages didn’t work with each other out of the box.
Some scattered notes:

had to install vagrant 1.0.7
had to install a 4.2 version of virtualbox to play nicely with that vagrant

had to make this change re: "require vagrant/util/downloader"
https://mailman.boum.org/pipermail/tails-dev/2014-February/004924.html

00:00:00.364178 VMSetError: /build/virtualbox/src/VirtualBox-4.2.16/src/VBox/VMM/VMMR3/VM.cpp(373) int VMR3Create(uint32_t, PCVMM2USERMETHODS, PFNVMATERROR, void*, PFNCFGMCONSTRUCTOR, void*, VM**); rc=VERR_VMX_MSR_LOCKED_OR_DISABLED
00:00:00.364187 VMSetError: VT-x features locked or unavailable in MSR.
00:00:00.364671 ERROR [COM]: aRC=NS_ERROR_FAILURE (0x80004005) aIID={db7ab4ca-2a3f-4183-9243-c1208da92392} aComponent={Console} aText={VT-x features locked or unavailable in MSR. (VERR_VMX_MSR_LOCKED_OR_DISABLED)}, preserve=false
00:00:00.382347 Power up failed (vrc=VERR_VMX_MSR_LOCKED_OR_DISABLED, rc=NS_ERROR_FAILURE (0X80004005))

got some errors like "virtualbox wouldn't stay booted" more detailed stuff like the above^

not sure what fixed it, but I enabled some vt-x / vt-d settings in the bios.
still didn't work, so I unloaded the kvm and intel-kvm kernel modules.

can the DL of  http://dl.amnesia.boum.org/tails/project/vagrant/tails-builder-20140709.box be done over https (or a signature checked)?

Did a build, the “new identity” thing didn’t work in Torbutton. I think I left out “export” in front of the iceweasel wrapper assignments.
Don’t have time for another build today, but I’ll check tomorrow.
Feels good to have the build setup working, though :)

#11 Updated by intrigeri 2014-08-03 09:29:48

> Ok, spent some time getting the ISO build process going.

> I’m on arch linux, so some packages didn’t work with each other out of the box.

It would be good to have another ticket dedicated to building on Arch (or to discuss this on tails-dev@). I’ll refrain to reply to the off-topic bits here, then.

> can the DL of http://dl.amnesia.boum.org/tails/project/vagrant/tails-builder-20140709.box be done over https (or a signature checked)?

The hash of this file is verified against a known-good one.

> Did a build, the “new identity” thing didn’t work in Torbutton. I think I left out “export” in front of the iceweasel wrapper assignments. Don’t have time for another build today, but I’ll check tomorrow.

Yay, great to see you’re making progress!

#12 Updated by intrigeri 2014-08-03 09:30:19

  • QA Check changed from Info Needed to Dev Needed
  • Starter changed from Yes to No

#13 Updated by joelanders 2014-08-03 14:55:37

Aight, here’s the good patch. Tested with an ISO.

#14 Updated by intrigeri 2014-08-04 10:51:32

  • Feature Branch set to feature/5648-dont-set-torbutton-environment-globally

#15 Updated by intrigeri 2014-08-04 15:42:31

  • Status changed from In Progress to Fix committed
  • Assignee deleted (intrigeri)
  • % Done changed from 10 to 100
  • QA Check changed from Ready for QA to Pass

It passes the relevant parts of our automated test suite: features/apt.feature features/build.feature features/checks.feature features/encryption.feature features/firewall_leaks.feature features/root_access_control.feature features/time_syncing.feature features/torified_* features/unsafe_browser.feature features/windows_camouflage.feature.

Merged for 1.2!

#16 Updated by anonym 2014-10-16 08:10:22

  • Status changed from Fix committed to Resolved