Bug #8280

Users should be able to manipulate local files in I2P browser

Added by sajolida 2014-11-20 16:55:08 . Updated 2018-01-19 17:29:13 .

Status:
Confirmed
Priority:
Low
Assignee:
Category:
Target version:
Start date:
2014-11-20
Due date:
% Done:

0%

Feature Branch:
Type of work:
Code
Blueprint:

Starter:
Affected tool:
I2P
Deliverable for:

Description

Several users asked about the new isolation of I2P. Now that I2P runs in
a dedicated browser, from inside a chroot, I understand that the same
warning than from the Unsafe Browser applies:

« As a consequence, if you download files using the Unsafe Browser it is
not possible to access them outside of the Unsafe Browser itself. »

It was proposed on tails-dev to have a dedicated folder mounted in the chroot for that use.


Subtasks


Related issues

Related to Tails - Feature #5525: Sandbox the web browser Resolved 2015-01-24 2015-02-04
Related to Tails - Bug #9894: Document permissions issues with i2p Duplicate 2015-08-04

History

#1 Updated by intrigeri 2014-11-20 19:23:11

As mentioned on tails-dev@, I plan to work on a “solution” for this kind of issues for our Tor Browser, so Kill Your TV: either start working on this before I do (but then, let’s communicate about the specs and implementation ideas before you spend too much time on it), or just wait for me to do the work and replicate it for the I2P browser.

#2 Updated by intrigeri 2014-11-20 19:28:42

#3 Updated by kytv 2015-02-24 20:00:49

  • Target version changed from Tails_1.3 to Tails_1.3.2

#4 Updated by kytv 2015-03-25 01:02:32

  • Assignee changed from kytv to intrigeri

intrigeri wrote:
> As mentioned on tails-dev@, I plan to work on a “solution” for this kind of issues for our Tor Browser, so Kill Your TV: either start working on this before I do (but then, let’s communicate about the specs and implementation ideas before you spend too much time on it), or just wait for me to do the work and replicate it for the I2P browser.

Do you have anything for this for the Unsafe Browser? I’m still thinking about what might be the best way to do this with the chroot browsers…

#5 Updated by intrigeri 2015-03-25 09:59:35

> Do you have anything for this for the Unsafe Browser? I’m still thinking about what
> might be the best way to do this with the chroot browsers…

The only thing I have done that can be reused for the chroot’ed browsers is the general UI and folder names that were discussed with -ux@. For the rest, I guess you’ll have to go with bind-mounts and ACLs.

#6 Updated by kytv 2015-03-25 18:31:48

  • Assignee changed from intrigeri to kytv

intrigeri wrote:
> I guess you’ll have to go with bind-mounts and ACLs.

That’s all that came to mind for me, OK.

#7 Updated by kytv 2015-04-06 15:13:50

  • Target version changed from Tails_1.3.2 to Tails_1.4

#8 Updated by kytv 2015-04-12 21:21:35

  • Assignee changed from kytv to intrigeri
  • QA Check set to Info Needed

According to this post from 2011 and this StackExchange thread, aufs doesn’t support acls.

intrigeri, do you have any ideas as to how to tackle this? (I’m trying to come up with a good resolution but am coming up blank ATM)

#9 Updated by intrigeri 2015-04-14 16:09:08

> intrigeri, do you have any ideas as to how to tackle this? (I’m trying to come up with a good resolution but am coming up blank ATM)

I would try:

  • bind-mount I2P Browser’s default download directory into some place that the amnesia user can access, or vice-versa
  • make sure that the I2P Browser is started with a umask that allows the amnesia user to read files it creates

#10 Updated by intrigeri 2015-04-16 08:51:31

  • Assignee changed from intrigeri to kytv
  • QA Check deleted (Info Needed)

#11 Updated by kytv 2015-05-03 08:36:14

  • Target version changed from Tails_1.4 to Tails_1.5

#12 Updated by kytv 2015-08-04 04:02:27

  • Target version changed from Tails_1.5 to Tails_1.6

#13 Updated by emmapeel 2015-08-05 10:05:15

  • related to Bug #9563: FAQ: torrents with Tails -> use i2p added

#14 Updated by emmapeel 2015-08-05 10:10:34

  • related to Bug #9894: Document permissions issues with i2p added

#15 Updated by emmapeel 2015-08-05 10:10:53

  • related to deleted (Bug #9563: FAQ: torrents with Tails -> use i2p)

#16 Updated by kytv 2015-09-22 03:47:29

  • Target version changed from Tails_1.6 to Tails_1.7

Unfortunately I haven’t wrapped my head around how to make this work. will try (again) during the next cycle.

#17 Updated by kytv 2015-11-04 10:46:03

  • Target version changed from Tails_1.7 to Tails_1.8

#18 Updated by kytv 2015-11-28 18:17:10

  • Target version changed from Tails_1.8 to Tails_2.2

Definitely won’t be done for 1.8 or 2.0.

#19 Updated by anonym 2016-03-29 18:10:37

  • Target version changed from Tails_2.2 to Tails_2.3

#20 Updated by anonym 2016-05-08 05:10:26

  • Target version changed from Tails_2.3 to Tails_2.4

#21 Updated by anonym 2016-06-08 01:34:55

  • Target version changed from Tails_2.4 to Tails_2.5

#22 Updated by BitingBird 2016-07-01 11:29:25

  • Assignee deleted (kytv)
  • Target version deleted (Tails_2.5)

no news from kytv -> removing assignee and target version

#23 Updated by Anonymous 2018-01-19 17:29:13

  • Priority changed from Elevated to Low

We don’t ship IP for the moment, let’s lower priority.