Personal Sandboxed Tor Browser development repo. https://gitweb.torproject.org/tor-browser/sandboxed-tor-browser.git/
|Yawning Angel 26c9478ed9 Default disable `dom.securecontext.whitelist_onions`.||2 hours ago|
|data||2 hours ago|
|src||4 days ago|
|vendor||3 months ago|
|.gitignore||6 months ago|
|CODE_OF_CONDUCT.md||1 month ago|
|ChangeLog||2 hours ago|
|LICENSE||9 months ago|
|Makefile||6 months ago|
|README.md||1 week ago|
I would build a great sandbox. And nobody builds sandboxes better than me, believe me. I will build a great, great sandbox on our application border. And I will have Tor Browser pay for that sandbox.
Tor Browser sandboxed somewhat correctly using bubblewrap. Obviously only works on Linux, and will NEVER support anything else since sandboxing is OS specific.
There are several unresolved issues that affect security and fingerprinting. Do not assume that this is perfect, merely "an improvement over nothing".
Build time dependencies:
Things that the sandbox breaks:
Places where the sandbox could be better:
/procfilesystem, worked around in the worst possible way. (https://bugs.torproject.org/20283)
~/Downloadsdirectories are mapped to the host