profiles: torbrowser-launcher: blacklist ~/.local/share/torbrowser #6640

Open: wants to merge 1 commit into base: master

@cobratbq (Contributor) commented Feb 4, 2025

Added the path to tor-browser as used by torbrowser-launcher: ~/.local/share/torbrowser.

Actually, this original entry for ${HOME}/opt/torbrowser seems to be oddly placed. There is an occurrence in disable-programs.profile for ${HOME}/.local/share/torbrowser already. Should the old entry be removed (or moved) instead? Did you guys start using disable-programs.profile at a later time?

@kmk3 kmk3 changed the title profile: add path to tor-browser used by torbrowser-launcher to disab… profiles: tor: blacklist ~/.local/share/torbrowser Feb 5, 2025
@kmk3 kmk3 changed the title profiles: tor: blacklist ~/.local/share/torbrowser profiles: torbrowser-launcher: blacklist ~/.local/share/torbrowser Feb 6, 2025
@kmk3 (Collaborator) left a comment

> There is an occurrence in disable-programs.profile for
> ${HOME}/.local/share/torbrowser already. Should the old entry be removed
> (or moved) instead? Did you guys start using disable-programs.profile at a
> later time?

Good catch.

There seem to be many paths in ${HOME} related to the tor browser:

tor browser paths

```console
$ git grep -IE '\$\{HOME\}.*/tor-?browser' -- \
  etc/inc/*.inc etc/profile*/*.profile
etc/inc/disable-common.inc:blacklist ${HOME}/.local/opt/tor-browser
etc/inc/disable-programs.inc:blacklist ${HOME}/.cache/torbrowser
etc/inc/disable-programs.inc:blacklist ${HOME}/.config/torbrowser
etc/inc/disable-programs.inc:blacklist ${HOME}/.local/share/torbrowser
etc/profile-a-l/keepassxc.profile:noblacklist ${HOME}/.local/share/torbrowser
etc/profile-a-l/keepassxc.profile:#mkdir ${HOME}/.local/share/torbrowser/tbb/x86_64/tor-browser_en-US/Browser/TorBrowser/Data/Browser/.mozilla/native-messaging-hosts
etc/profile-a-l/keepassxc.profile:#mkfile ${HOME}/.local/share/torbrowser/tbb/x86_64/tor-browser_en-US/Browser/TorBrowser/Data/Browser/.mozilla/native-messaging-hosts/org.keepassxc.keepassxc>
etc/profile-a-l/keepassxc.profile:#whitelist ${HOME}/.local/share/torbrowser/tbb/x86_64/tor-browser_en-US/Browser/TorBrowser/Data/Browser/.mozilla/native-messaging-hosts/org.keepassxc.keepas>
etc/profile-m-z/tor-browser.profile:noblacklist ${HOME}/.local/opt/tor-browser
etc/profile-m-z/tor-browser.profile:mkdir ${HOME}/.local/opt/tor-browser
etc/profile-m-z/tor-browser.profile:whitelist ${HOME}/.local/opt/tor-browser
etc/profile-m-z/torbrowser-launcher.profile:noblacklist ${HOME}/.config/torbrowser
etc/profile-m-z/torbrowser-launcher.profile:noblacklist ${HOME}/.local/share/torbrowser
etc/profile-m-z/torbrowser-launcher.profile:mkdir ${HOME}/.config/torbrowser
etc/profile-m-z/torbrowser-launcher.profile:mkdir ${HOME}/.local/share/torbrowser
etc/profile-m-z/torbrowser-launcher.profile:whitelist ${HOME}/.config/torbrowser
etc/profile-m-z/torbrowser-launcher.profile:whitelist ${HOME}/.local/share/torbrowser
etc/profile-m-z/torbrowser.profile:mkdir ${HOME}/.cache/mozilla/torbrowser
etc/profile-m-z/torbrowser.profile:whitelist ${HOME}/.cache/mozilla/torbrowser
$ git grep -IE '\$\{HOME\}.*/tor-?browser' -- \
  etc/inc/*.inc etc/profile*/*.profile |
  sed -E 's/[^ ]+ //' | LC_ALL=C sort -u
${HOME}/.cache/mozilla/torbrowser
${HOME}/.cache/torbrowser
${HOME}/.config/torbrowser
${HOME}/.local/opt/tor-browser
${HOME}/.local/share/torbrowser
${HOME}/.local/share/torbrowser/tbb/x86_64/tor-browser_en-US/Browser/TorBrowser/Data/Browser/.mozilla/native-messaging-hosts
${HOME}/.local/share/torbrowser/tbb/x86_64/tor-browser_en-US/Browser/TorBrowser/Data/Browser/.mozilla/native-messaging-hosts/org.keepassxc.keepassxc_browser.json
```

Since these are program-specific paths and most are already in
disable-programs, maybe it's best to just move the relevant path in
disable-common to disable-programs.

@rusty-snake Any thoughts on this?
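
An added example, not part of this PR or of the firejail code base: a small shell check that lists every path carrying a `blacklist` line in more than one include file, which is the overlap raised in this thread. The two sample files are constructed for the demonstration, and `dup_blacklists` and `demo` are hypothetical names.

```shell
#!/bin/sh
# Added example; dup_blacklists and demo are hypothetical helper names.

# dup_blacklists FILE...
# Print each path that has a "blacklist" line in more than one of the given
# files, followed by the files that list it. Commented-out lines are ignored.
dup_blacklists() {
    awk '
        $1 == "blacklist" {
            path = $0
            sub(/^[ \t]*blacklist[ \t]+/, "", path)   # keeps paths with spaces
            sub(/[ \t]+$/, "", path)
            if ((path, FILENAME) in seen) next        # count each file once
            seen[path, FILENAME] = 1
            count[path]++
            if (count[path] == 1) {
                files[path] = FILENAME
            } else {
                files[path] = files[path] " " FILENAME
            }
        }
        END {
            for (p in count)
                if (count[p] > 1) print p ": " files[p]
        }
    ' "$@" | LC_ALL=C sort
}

# Constructed sample input modelled on the entries quoted in this thread.
demo() {
    tmp=$(mktemp -d) || return 1
    cat > "$tmp/disable-common.inc" <<'EOF'
blacklist ${HOME}/.local/opt/tor-browser
blacklist ${HOME}/.local/share/torbrowser
EOF
    cat > "$tmp/disable-programs.inc" <<'EOF'
blacklist ${HOME}/.cache/torbrowser
blacklist ${HOME}/.config/torbrowser
blacklist ${HOME}/.local/share/torbrowser
EOF
    (cd "$tmp" && dup_blacklists disable-common.inc disable-programs.inc)
    rm -rf "$tmp"
}

demo
```

Run against a real checkout, the function would take `etc/inc/*.inc` as its arguments.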

@rusty-snake (Collaborator) commented

Looks like the entry in disable-common goes back to me writing disable-common rather than disable-programs in #4781. I'm not sure if it had a reason or just typed the wrong thing.

One could argue that it is more sensitive as it is Tor and not only program data but a full program installation (i.e. writing to files that will be executed). However, this is also true for various other native/bash/python/lua/…-plugins of other programs. More aggressive read-onlying dotfiles would be the better approach.

@kmk3 (Collaborator) commented Feb 7, 2025

> Looks like the entry in disable-common goes back to me writing disable-common
> rather than disable-programs in #4781. I'm not sure if it had a reason or just
> typed the wrong thing.
>
> One could argue that it is more sensitive as it is Tor and not only program
> data but a full program installation (i.e. writing to files that will be
> executed). However, this is also true for various other
> native/bash/python/lua/…-plugins of other programs.

Yup, I had the same thoughts.

> More aggressive read-onlying dotfiles would be the better approach.

Agreed, it would be good to increase that in general, especially since it's not
trivial to check which dotfiles may (now or in the future) allow running
arbitrary commands.

@cobratbq For this PR, can you make it just move the path in disable-common to
disable-programs?
