Skip to content

[20.03] tor-browser: disable hardening by default (#93154)#95688

Merged
worldofpeace merged 1 commit intoNixOS:release-20.03from
marius851000:backport_tor_browser_fix
Sep 8, 2020
Merged

[20.03] tor-browser: disable hardening by default (#93154)#95688
worldofpeace merged 1 commit intoNixOS:release-20.03from
marius851000:backport_tor_browser_fix

Conversation

@marius851000
Copy link
Contributor

@marius851000 marius851000 commented Aug 17, 2020
edited
Loading

Motivation for this change

tor-browser crash with certain website (like http://planet.blogsport.de/) in 20.03

original pull request: #93154

Things done

bissected the change and backported the change that fixed this

  • Tested using sandboxing (nix.useSandbox on NixOS, or option sandbox in nix.conf on non-NixOS linux)
  • Built on platform(s)
    • NixOS
    • macOS
    • other Linux distributions
  • Tested via one or more NixOS test(s) if existing and applicable for the change (look inside nixos/tests)
  • Tested compilation of all pkgs that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review wip"
  • Tested execution of all binary files (usually in ./result/bin/)
  • Determined the impact on package closure size (by running nix path-info -S before and after)
  • Ensured that relevant documentation is up to date
  • Fits CONTRIBUTING.md.

@Lassulus @Mic92 @marius851000
tor-browser: disable hardening by default (NixOS#93154)
bfdf25f 
* tor-browser: disable hardening by default

this seems to cause crashes with certain tabs.
relevant issue: NixOS#86356

* Update pkgs/applications/networking/browsers/tor-browser-bundle-bin/default.nix

Co-authored-by: Jörg Thalheim <[email protected]>
(cherry picked from commit 45e2ff3)
@marius851000 marius851000 mentioned this pull request Aug 17, 2020
Closed
@ofborg ofborg bot added 10.rebuild-darwin: 0 This PR does not cause any packages to rebuild on Darwin. 10.rebuild-linux: 0 This PR does not cause any packages to rebuild on Linux. labels Aug 17, 2020
@nixos-discourse
Copy link

nixos-discourse commented Aug 23, 2020

This pull request has been mentioned on NixOS Discourse. There might be relevant details there:

https://discourse.nixos.org/t/prs-ready-for-review/3032/264

@schmittlauch
Copy link
Member

schmittlauch commented Aug 28, 2020

@GrahamcOfBorg build tor-browser-bundle-bin

@schmittlauch
Copy link
Member

schmittlauch commented Aug 28, 2020

LGTM

just built and run this with nixpkgs review. It successfully fixes #95665 and continues to work fine for all other tested sites as well.

(sorry again for taking so long, I didn't notice this wasn't merged right away)

@worldofpeace worldofpeace merged commit 299e25a into NixOS:release-20.03 Sep 8, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

10.rebuild-darwin: 0 This PR does not cause any packages to rebuild on Darwin. 10.rebuild-linux: 0 This PR does not cause any packages to rebuild on Linux.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@marius851000 @nixos-discourse @schmittlauch @worldofpeace @Lassulus