Tor browser 11.5.8 SFS created

There is a thread in the forum discussing how to get the Tor browser working in EasyOS. I succeeded and posted some notes here:

https://forum.puppylinux.com/viewtopic.php?p=73616#p73616

That 'shim.c' was obtained from here:

https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/40693

I setup a folder 'tor_11.5.8-en_amd64' with opt/tor-browser and some other folders and files, and ran 'dir2sfs'. However, Tor browser required some extra manual modifications to get it to work.

I want to run it non-root, but that is complicated. The mainline distributions do not provide Tor browser as a package; instead they provide an installer, that downloads the tarball from the Tor browser website.

One reason for doing this is that everything under the 'tor-browser' folder has to have user:group the same as the current running user. I got around this problem by running "chown -R spot:spot tor-browser", and then manually edited tor_11.5.8-en_amd64/usr/bin to run Tor browser as user spot, instead of the usual "tor" user.

I also created files under tor_11.5.8-en_amd64/opt/tor-browser/Browser/.config to get audio to work. Tor-browser changes the $HOME variable from /home/spot to /opt/tor-browser/Browser, which broke pulseaudio.

After manual changes to folder 'tor_11.5.8-en_amd64', ran 'mksquashfs' to rebuild the SFS. Oh, sorry, it is only en_US.

It is uploaded, so click on the "sfs" icon to download and install. You may install to the main filesystem or to a container.

In both cases, Tor browser runs as user spot. Yes, user spot even in the container, so inside a container even if an intruded got out of spot, they would still be in "crippled root".

I tested YouTube on both of them, just a modest test playing at 720p. Both played OK, sound worked, but I noticed loading of the web page slower in the container.

Reckon it will be pretty safe to run on the main filesystem, as it is running as spot, and it is based in Firefox and uses Firefox's sandbox.  

Tags: easy