Packaging request #874

[tor-browser] add package for PCR

totalchaos - about 5 years ago - . Updated about 1 year ago.

% Done:



Tor Browser Bundle: Anonymous browsing using Firefox and Tor
I guess it will be a crucial part of Parabola's nonprism suite, thus making Parabola the logical choice for users, that value their privacy.



Updated by GNUtoo about 5 years ago

There are several issues to handle here:
  • Is tor-browser suggesting non-free software with "get add-ons"?
    • The tor-browser and Tor project suggest not to install any add-ons (reference needed), this is to prevent the user's browser from looking different and unique
    • We should probably try to disable that feature instead. But we should be very careful at not changing how the modified tor-browser looks on the internet, else it becomes dangerous and useless (you will be uniquely identified). We probably need to check that with tor-browser developers, and make them review the change.
  • Since there is this add-on issue, we can't use stock tor-browser for now, which is really problematic, we loose:
    • Reproducible builds
    • The possibility not to make a tor-browser-libre package but instead a tor-browser installer. This would have been desirable because it has a nice auto-update feature. You also would get a reproducible build.

Updated by pizzaiolo about 5 years ago

I think your first point could be suggested upstream at the Tor Project, that would be a very good idea.


Updated by Anonymous almost 5 years ago

  • Subject changed from tor-browser to [tor-browser] add package for PCR

Updated by GNUtoo over 4 years ago

I've made some research but forgot to report back:
The add-on page can be changed in about:config.

However extra care must be taken not to make a tor-browser-libre distinguishable from the tor-browser.
Some information about plugins updates can be found in the following (fixed) security bug:


Updated by GNUtoo over 2 years ago

See also the same bug for another FSDG compliant distribution:


Updated by ovruni over 2 years ago

  • Priority changed from bug to wish

Updated by GNUtoo about 1 year ago

Here are some pointers to the status of this issue:
  • The following wiki page has information on the status of the tor-browser port to other architectures (arm and ppc64le)
  • The following bug report has information on getting rid of the add-on repository.

Thanks to Jeremy Rand for working on both.


Updated by bill-auger about 1 year ago

the auto-update feature makes this program not well fit for any distro - every program that i know of, which has such a feature, has it disabled in parabola builds

there is hardly any reason to package any program with with an auto-update feature - anyone who installs the package would only be using the packaged build until the next auto-update (like maybe the very next day in this case); and then will be using the upstream binary from then on - one really may just as well get the upstream binary in the first place, saving us the trouble of maintaining yet another mozilla beast

Also available in: Atom PDF