nixpkgs

History

Davíð Steinn Geirsson 5499f32f08 tor-browser-bundle-bin: Enable content sandbox and hardened malloc Tor browser enables multi-process support in firefox to sandbox each site in its own process. This is a very important security feature. It was disabled in the nixpkgs version, according to a comment due to "crashing tabs", but running with it enabled I have not been able to recreate this. Sandboxing enabled is the upstream default, and if we can't ship a tor browser that way then we should not ship one at all. Also re-enable useHardenedMalloc to use graphene-hardened-malloc. Here there was also a comment, in this case saying it caused "crashes with intel driver". I have also been unable to recreate this on my Intel UHD P630 onboard graphics. I believe neither of these are issues any longer.	2021-11-05 22:37:42 +00:00
..
default.nix	tor-browser-bundle-bin: Enable content sandbox and hardened malloc	2021-11-05 22:37:42 +00:00

Davíð Steinn Geirsson 5499f32f08 tor-browser-bundle-bin: Enable content sandbox and hardened malloc

Tor browser enables multi-process support in firefox to sandbox each site
in its own process. This is a very important security feature. It was
disabled in the nixpkgs version, according to a comment due to "crashing
tabs", but running with it enabled I have not been able to recreate this.
Sandboxing enabled is the upstream default, and if we can't ship a tor
browser that way then we should not ship one at all.

Also re-enable useHardenedMalloc to use graphene-hardened-malloc. Here
there was also a comment, in this case saying it caused "crashes with
intel driver". I have also been unable to recreate this on my Intel
UHD P630 onboard graphics.

I believe neither of these are issues any longer.

2021-11-05 22:37:42 +00:00

default.nix

tor-browser-bundle-bin: Enable content sandbox and hardened malloc

2021-11-05 22:37:42 +00:00