Bug #8280
Users should be able to manipulate local files in I2P browser
0%
Description
Several users asked about the new isolation of I2P. Now that I2P runs in
a dedicated browser, from inside a chroot, I understand that the same
warning than from the Unsafe Browser applies:
« As a consequence, if you download files using the Unsafe Browser it is
not possible to access them outside of the Unsafe Browser itself. »
It was proposed on tails-dev to have a dedicated folder mounted in the chroot for that use.
Subtasks
Related issues
Related to Tails - |
Resolved | 2015-01-24 | 2015-02-04 |
Related to Tails - |
Duplicate | 2015-08-04 |
History
#1 Updated by intrigeri 2014-11-20 19:23:11
As mentioned on tails-dev@, I plan to work on a “solution” for this kind of issues for our Tor Browser, so Kill Your TV: either start working on this before I do (but then, let’s communicate about the specs and implementation ideas before you spend too much time on it), or just wait for me to do the work and replicate it for the I2P browser.
#2 Updated by intrigeri 2014-11-20 19:28:42
- related to
Feature #5525: Sandbox the web browser added
#3 Updated by kytv 2015-02-24 20:00:49
- Target version changed from Tails_1.3 to Tails_1.3.2
#4 Updated by kytv 2015-03-25 01:02:32
- Assignee changed from kytv to intrigeri
intrigeri wrote:
> As mentioned on tails-dev@, I plan to work on a “solution” for this kind of issues for our Tor Browser, so Kill Your TV: either start working on this before I do (but then, let’s communicate about the specs and implementation ideas before you spend too much time on it), or just wait for me to do the work and replicate it for the I2P browser.
Do you have anything for this for the Unsafe Browser? I’m still thinking about what might be the best way to do this with the chroot browsers…
#5 Updated by intrigeri 2015-03-25 09:59:35
> Do you have anything for this for the Unsafe Browser? I’m still thinking about what
> might be the best way to do this with the chroot browsers…
The only thing I have done that can be reused for the chroot’ed browsers is the general UI and folder names that were discussed with -ux@. For the rest, I guess you’ll have to go with bind-mounts and ACLs.
#6 Updated by kytv 2015-03-25 18:31:48
- Assignee changed from intrigeri to kytv
intrigeri wrote:
> I guess you’ll have to go with bind-mounts and ACLs.
That’s all that came to mind for me, OK.
#7 Updated by kytv 2015-04-06 15:13:50
- Target version changed from Tails_1.3.2 to Tails_1.4
#8 Updated by kytv 2015-04-12 21:21:35
- Assignee changed from kytv to intrigeri
- QA Check set to Info Needed
According to this post from 2011 and this StackExchange thread, aufs
doesn’t support acls.
intrigeri, do you have any ideas as to how to tackle this? (I’m trying to come up with a good resolution but am coming up blank ATM)
#9 Updated by intrigeri 2015-04-14 16:09:08
> intrigeri, do you have any ideas as to how to tackle this? (I’m trying to come up with a good resolution but am coming up blank ATM)
I would try:
- bind-mount I2P Browser’s default download directory into some place that the
amnesia
user can access, or vice-versa - make sure that the I2P Browser is started with a umask that allows the
amnesia
user to read files it creates
#10 Updated by intrigeri 2015-04-16 08:51:31
- Assignee changed from intrigeri to kytv
- QA Check deleted (
Info Needed)
#11 Updated by kytv 2015-05-03 08:36:14
- Target version changed from Tails_1.4 to Tails_1.5
#12 Updated by kytv 2015-08-04 04:02:27
- Target version changed from Tails_1.5 to Tails_1.6
#13 Updated by emmapeel 2015-08-05 10:05:15
- related to Bug #9563: FAQ: torrents with Tails -> use i2p added
#14 Updated by emmapeel 2015-08-05 10:10:34
- related to
Bug #9894: Document permissions issues with i2p added
#15 Updated by emmapeel 2015-08-05 10:10:53
- related to deleted (
Bug #9563: FAQ: torrents with Tails -> use i2p)
#16 Updated by kytv 2015-09-22 03:47:29
- Target version changed from Tails_1.6 to Tails_1.7
Unfortunately I haven’t wrapped my head around how to make this work. will try (again) during the next cycle.
#17 Updated by kytv 2015-11-04 10:46:03
- Target version changed from Tails_1.7 to Tails_1.8
#18 Updated by kytv 2015-11-28 18:17:10
- Target version changed from Tails_1.8 to Tails_2.2
Definitely won’t be done for 1.8 or 2.0.
#19 Updated by anonym 2016-03-29 18:10:37
- Target version changed from Tails_2.2 to Tails_2.3
#20 Updated by anonym 2016-05-08 05:10:26
- Target version changed from Tails_2.3 to Tails_2.4
#21 Updated by anonym 2016-06-08 01:34:55
- Target version changed from Tails_2.4 to Tails_2.5
#22 Updated by BitingBird 2016-07-01 11:29:25
- Assignee deleted (
kytv) - Target version deleted (
Tails_2.5)
no news from kytv -> removing assignee and target version
#23 Updated by Anonymous 2018-01-19 17:29:13
- Priority changed from Elevated to Low
We don’t ship IP for the moment, let’s lower priority.