nixpkgs/pkgs/tools/security
Joachim Fasting ecd0e1a2c7
torbrowser: reduce risk of stale Nix store references
This patch restructures the expression and wrapper to minimize Nix store
references captured by the user's state directory.

The previous version would write lots of references to the Nix store into
the user's state directory, resulting in synchronization issues between
the Store and the local state directory.  At best, this would cause TBB to
stop working when the version used to instantiate the local state was
garbage collected; at worst, a user would continue to use the old version
even after an upgrade.

To solve the issue, hard-code as much as possible at the Store side and
minimize the amount of stuff being copied into the local state dir.
Currently, only a few files generated at firefox startup and fontconfig
cache files end up capturing store paths; these files are simply removed
upon every startup.  Otherwise, no capture should occur and the user
should always be using the TBB associated with the tor-browser wrapper
script.

To check for stale Store paths, do
   `grep -Ero '/nix/store/[^/]+' ~/.local/share/tor-browser`
This command should *never* return any other store path than the one
associated with the current tor-browser wrapper script, even after an
update (assuming you've run tor-browser at least once after updating).
Deviations from this general rule are considered bugs from now on.

Note that no attempt has been made to support pluggable transports; they
are still broken with this patch (to be fixed in a follow-up patch).

User visible changes:
- Wrapper retains only environment variables required for TBB to work
- pulseaudioSupport can be toggled independently of mediaSupport (the
  latter weakly implies the former).
- Store local state under $TBB_HOME.  Defaults to $XDG_DATA_HOME/tor-browser
- Stop obnoxious first-run stuff (NoScript redirect, in particular)
- Set desktop item GenericName to Web Browser

Some minor enhancements:
- Disable Hydra builds
- Specify system -> source mapping to make it easier to
  extend supported platforms.
2017-03-25 15:59:18 +01:00
aespipe aespipe: update from 2.4c to 2.4d 2015-05-31 13:12:39 +02:00
afl afl: 2.23b -> 2.35b 2016-12-11 00:28:14 +00:00
aide meta.description fixups 2015-04-30 18:17:42 +02:00
apg apg: update from 2.2.3 to 2.3.0b 2014-10-09 20:16:03 +02:00
bmrsa treewide: Add lots of meta.platforms 2016-08-02 21:42:43 +03:00
bruteforce-luks bruteforce-luks: 1.2.0 -> 1.2.1 2016-06-06 21:58:19 +02:00
ccid ccid: 1.4.23 -> 1.4.26 2017-02-14 12:29:25 +01:00
ccrypt ccrypt: disable format hardening 2016-04-05 16:21:15 +00:00
chaps chaps: fix build against glibc 2.24 2016-08-26 23:52:19 +02:00
chkrootkit chkrootkit: 0.50 -> 0.51, fix build 2016-12-04 22:10:06 +01:00
chntpw treewide: Add lots of meta.platforms 2016-08-02 21:42:43 +03:00
cipherscan cipherscan: 2015-12-17 -> 2016-08-16 2016-09-05 22:50:58 +02:00
clamav clamav: fixup build after updating zlib 2017-01-08 14:18:28 +01:00
cowpatty coWPAtty: init at 4.6 2016-11-25 11:25:07 +01:00
crackxls cc-wrapper: add option to skip flags for native optimizations 2016-03-24 20:16:17 +03:00
crunch crunch: enable darwin build 2017-03-09 00:46:13 +01:00
dirmngr treewide: Add lots of platforms to packages with no meta 2016-08-02 21:17:44 +03:00
duo-unix duo-unix: 1.9.11 -> 1.9.19 2016-08-24 22:56:38 +05:30
ecryptfs ecryptfs: fix after security wrapper change 2017-02-16 11:35:41 +01:00
eid-mw eid-mw: 4.1.18 -> 4.1.19 2016-11-16 13:32:25 +01:00
eid-viewer Add version attribute where maintainers |= nckx 2016-01-25 17:35:21 +01:00
encryptr encryptr: init at 2.0.0 2016-11-08 09:48:08 +01:00
enpass enpass: fix install to work with browser extensions 2016-12-29 19:57:09 -05:00
fail2ban fail2ban: 0.9.4 -> 0.9.6 2017-02-02 19:19:28 +01:00
fcrackzip fcrackzip: init at 1.0 2017-01-25 19:34:34 +01:00
fpm2 Works only under linux 2016-10-20 16:35:58 +02:00
fprint_demo Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-06-10 09:27:04 +00:00
fprintd fprintd: 0.6.0 -> 0.7.0 2016-11-24 01:17:59 +03:00
fprot Change occurrences of gcc to the more general cc 2014-12-26 11:06:21 -06:00
fwknop Revert "gpgme: Drop multiple outputs (dev and info)" 2017-03-21 23:57:57 +01:00
gencfsm gnome-encfs-manager: 1.8.16 -> 1.8.18 2016-12-31 14:56:43 +01:00
gnupg gnupg21: 2.1.18 -> 2.1.19 2017-03-02 10:10:02 +01:00
gorilla-bin gorilla: init at 1.5.3.7 2016-12-28 23:25:50 +01:00
gpgstats gpgstats: fix build on 32-bit; LFS problems 2016-03-09 23:15:41 +01:00
haka haka: replace sha1 with sha256 2017-02-28 18:03:23 +01:00
hash-slinger hash-slinger: fix evaluation 2016-08-01 10:19:55 +02:00
hashcat opencl-icd: remove, point to ocl-icd 2017-01-20 03:37:51 +03:00
haveged rename iElectric to domenkozar to match GitHub 2016-05-17 13:00:47 +01:00
hologram hologram: 8d86e3f -> d20d1c3 2017-02-02 11:31:42 -05:00
jd-gui treewide: explicitly specify gtk and related package versions 2016-09-12 18:26:06 +03:00
john john: Disable parallel build 2017-03-10 01:48:53 +02:00
kbfs kbfs: 1.0.2 -> 20170209.d1db463 2017-02-17 02:43:52 +01:00
keybase keybase: 20170209 -> 1.0.20 2017-03-16 10:01:57 +08:00
keybase-gui keybase-gui: init at 20170209.17b641d 2017-02-17 02:44:06 +01:00
knockknock knockknock: use python2 2016-10-18 23:14:36 +02:00
kpcli kpcli: 3.0 -> 3.1 2017-01-04 22:29:27 +01:00
lastpass-cli lastpass-cli: 1.0.0 -> 1.1.1 2017-02-17 00:11:49 +01:00
logkeys logkeys: 5ef6b0dcb9e3 -> 2015-11-10 2015-12-15 20:20:41 +09:00
mbox Rename 'emery' maintainer handle to 'ehmry', fixes #11493 2015-12-05 23:06:20 +01:00
meo meo: Use pcre-cpp (fixes build) 2016-04-27 13:28:04 +03:00
metasploit treewide: Add lots of meta.platforms 2016-08-02 21:42:43 +03:00
mfcuk Replace 'with plaforms; platform' with 'platforms.platform' 2015-11-17 21:30:43 +01:00
mfoc Replace 'with plaforms; platform' with 'platforms.platform' 2015-11-17 21:30:43 +01:00
minisign minisign: 0.6 -> 0.7 2017-02-05 22:57:24 +01:00
mkpasswd whois: init at 5.2.10 and share with mkpasswd 2015-11-11 15:26:10 +01:00
mkrand
mktemp treewide: Add lots of platforms to packages with no meta 2016-08-02 21:17:44 +03:00
modsecurity treewide: Fix dev references to libxml2 2016-08-30 03:02:32 +03:00
monkeysphere monkeysphere: fix description 2015-08-01 13:28:41 +03:00
mpw mpw: build from github to fix segfault 2016-10-30 04:15:41 -07:00
munge Munge is buildable/usable on osx. 2015-11-22 19:01:44 -06:00
nasty nasty: add large file support (#17011) 2016-07-19 01:47:33 +02:00
nitrokey-app nitrokey-app: 0.4.0 -> 0.5.1 2016-10-22 22:28:27 +02:00
nmap nmap: 7.31 -> 7.40 2017-02-02 19:33:21 +01:00
nsjail Fix lots of fetchgit hashes (fallout from #15469) 2016-06-03 17:17:08 +03:00
oath-toolkit oath-toolkit: 2.4.1 -> 2.6.1 2016-06-12 04:27:56 +08:00
omapd omapd: init at 0.9.2 2015-08-03 13:04:59 +02:00
opencryptoki Add package: opencryptoki 2014-10-14 09:03:50 +02:00
opensc opensc: remove obsolete DESTDIR patch 2017-03-05 23:36:35 +01:00
ossec treewide: Add lots of meta.platforms 2016-08-02 21:42:43 +03:00
p0f p0f: 3.08b -> 3.09b 2016-05-13 17:25:25 +02:00
pamtester Remove all dots at end of descriptions 2016-02-27 17:30:29 +00:00
paperkey
pass pass: refactor, fix completions install 2017-02-26 20:54:58 +01:00
pcsc-cyberjack pcsc-cyberjack: Init at 3.99.5_SP09 2016-06-04 16:38:57 +02:00
pcsclite pcsclite: 1.8.17 -> 1.8.20 for CVE-2016-10109 2017-01-11 20:11:08 -05:00
pcsctools pcsctools: unbreak 'gscriptor' by adding cairo 2017-02-17 17:01:29 +01:00
pgpdump pgpdump: init at v0.31 2016-10-06 03:17:01 +02:00
phrasendrescher phrasendrescher: init at 1.0 2016-11-22 17:33:12 +01:00
pinentry pinentry_qt5: build with C++11 for Qt 5.7 2017-02-28 05:59:45 -06:00
pinentry-mac gnupg: Variable path to pinentry 2016-10-29 00:24:51 +03:00
pius use dontBuild instead of hacks 2016-05-04 10:11:04 +00:00
polkit-gnome polkit_gnome: cleanup, add platforms 2015-12-15 18:09:07 +03:00
prey treewide: Use makeBinPath 2016-08-23 01:18:10 +03:00
pwgen pwgen: update from 2.06 to 2.07 2014-11-01 14:52:11 +02:00
qdigidoc qdigidoc: init at 3.12.0.1442 2016-04-27 11:38:10 +03:00
qesteidutil qesteidutil: init at 3.12.2.1206 2016-04-26 18:08:16 +03:00
radamsa radamsa: init at 0.4 2015-11-28 23:51:17 +01:00
rarcrack rarcrack: init at 0.2 2016-01-23 21:39:22 +01:00
rhash rhash: sha1 -> sha256 2017-03-01 00:28:25 +01:00
rng-tools Unmaintain a bunch of packages 2015-07-01 08:11:05 -04:00
sbsigntool Fix lots of fetchgit hashes (fallout from #15469) 2016-06-03 17:17:08 +03:00
scrypt scrypt: remove obsolete substituteInPlace 2016-08-27 21:55:19 +00:00
seccure treewide: Add lots of meta.platforms 2016-08-02 21:42:43 +03:00
secp256k1 secp256k1: 2016-05-30 -> 2016-11-27, more flags (#18637) 2016-11-29 09:36:53 -05:00
sha1collisiondetection sha1collisiondetection: init at 1.0.1 2017-03-05 18:59:28 +01:00
shc shc: init at 3.9.3 2016-08-11 20:56:11 +00:00
signing-party signing-party: 2.2 -> 2.5, install all tools 2017-01-21 20:46:04 +01:00
simple-tpm-pk11 simpleTpmPk11: git-20140925 -> git-20160712 (#17317) 2016-07-28 04:01:08 +02:00
softhsm softhsm: 2.1.0 -> 2.2.0 2017-03-07 11:43:46 +01:00
sops sops: init at version 2.0.8 2017-03-10 15:41:57 +00:00
srm srm: 1.2.14 -> 1.2.15 2015-03-11 19:22:25 +01:00
ssdeep ssdeep: No need to include patchelf in buildInputs 2016-10-01 23:15:35 +03:00
sshuttle rename iElectric to domenkozar to match GitHub 2016-05-17 13:00:47 +01:00
sslscan sslscan: 1.11.7 -> 1.11.8 2017-02-02 18:59:08 +01:00
ssss treewide: Add lots of meta.platforms 2016-08-02 21:42:43 +03:00
steghide treewide: Add lots of meta.platforms 2016-08-02 21:42:43 +03:00
stoken stoken: fix evaluation (licence), refactor a little 2015-08-13 14:18:36 +02:00
stricat stricat: fix darwin build 2016-08-16 19:25:46 +00:00
su-exec su-exec: init at 0.2 2016-11-26 16:48:13 +00:00
sudo Merging against upstream master 2017-02-13 17:16:28 -06:00
sudolikeaboss sudolikeaboss: 0.2.1 -> 20161127-2d9afe1 2016-12-06 13:07:02 -05:00
super treewide: Add lots of meta.platforms 2016-08-02 21:42:43 +03:00
tboot Use general hardening flag toggle lists 2016-03-05 18:55:26 +01:00
tcpcrypt tcpcrypt: 0.4 -> 0.5 2017-02-17 00:12:43 +01:00
thc-hydra thc-hydra: fix the tarball job 2016-08-11 19:16:45 +02:00
tmin nixpkgs: Fuzzing test case optimizer 2014-11-25 13:03:43 -06:00
tor torbrowser: reduce risk of stale Nix store references 2017-03-25 15:59:18 +01:00
tpm-luks Fix lots of fetchgit hashes (fallout from #15469) 2016-06-03 17:17:08 +03:00
tpm-quote-tools tpm-quote-tools: 1.0.2 -> 1.0.3 2017-03-02 17:53:26 -06:00
tpm-tools tpm-tools: fix build by applying debians patch 2016-03-24 22:31:40 +01:00
trousers Merge commit staging+systemd into closure-size 2015-10-03 13:33:37 +02:00
vault vault: 0.6.4 -> 0.6.5 2017-02-17 01:17:30 +05:30
vidalia Disable bunch of non-compiling packages on Darwin 2016-09-01 20:39:33 +03:00
volatility Remove top-level pycrypto 2016-08-14 14:28:26 +02:00
vulnix pythonPackages.BTrees: 4.1.4 -> 4.3.1 2017-03-24 10:44:34 +01:00
wipe wipe: add package 2014-10-23 02:08:37 +04:00
yara yara: 3.4.0 -> 3.5.0 2017-02-17 00:13:15 +01:00