search

arkenfox / user.js

Firefox privacy, security and anti-tracking: a comprehensive user.js template for configuration and hardening
MIT License
10.24k stars 518 forks source link

check 2603 browser.helperApps.deleteTempFileOnExit #1732

Closed Thorin-Oakenpants closed 1 year ago

Thorin-Oakenpants commented 1 year ago 
/* 2603: remove temp files opened with an external application
 * [1] https://bugzilla.mozilla.org/302433 ***/
user_pref("browser.helperApps.deleteTempFileOnExit", true);

I think this also requires browser.download.start_downloads_in_tmp_dir

also see https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42147

c3d1c06c-bf26-477e-b0eb-c50ef4477ba6 commented 1 year ago

edit: literally wrote the opposite what the code says, fixed. Need some sleep…

edit2: As browser.download.start_downloads_in_tmp_dir defaults to false for every OS, this means only if the user uses Mac and turned on browser.download.start_downloads_in_tmp_dir and browser.helperApps.deleteTempFileOnExit this will have any effect.

edit3: Tor shouldn't even be affected as it runs in permanent private mode. Private mode has it's own privileged deletion rules.

browser.download.start_downloads_in_tmp_dir needs to be true:

      } else if (
        Services.prefs.getBoolPref("browser.helperApps.deleteTempFileOnExit") &&
        Services.prefs.getBoolPref(
          "browser.download.start_downloads_in_tmp_dir",
          false
        )
      ) {
        lazy.gExternalAppLauncher.deleteTemporaryFileOnExit(
          new lazy.FileUtils.File(this.target.path)
        );
      }
    }
Thorin-Oakenpants commented 1 year ago

Tor shouldn't even be affected as it runs in permanent private mode ...

Tor Browser, not tor. But yeah, we're looking at hardening prefs to also cover "power users" (I hate that term) who change to normal mode - and it may be that MB switches to normal mode, or does something to reduce the friction (no password manager, no retained logins, no SWers, etc - all the shit we enjoy as normal mode users) - at the tor apps team meetup later this month in sweden, hosted by Mullvad, we going to hash out just what the threat model is for MB

Thorin-Oakenpants commented 1 year ago

pref added in FF95 Ff102 - 1738574 Want an option to continue to use /tmp and autodelete downloads automatically opened in an application

bugzilla title says it all :) And I'm kicking myself, because I knew all this but let it slide under the radar / forgot (I watch bugzilla like a hawk)

c3d1c06c-bf26-477e-b0eb-c50ef4477ba6 commented 1 year ago

Interesting that power users want to use TB in normal mode (instead using another browser).

So in the end this comes down to personal preference: Does one usually want to keep or delete a file opened in an external app? Not sure if AF should decide that for the user.

Thorin-Oakenpants commented 1 year ago

Interesting that power users want to use TB in normal mode (instead using another browser).

Well, it's anecdotal and devs tell me about the feedback they get. A lot of users (I wouldn't call them power, but rather technical users) want to be able to use the browser for it's anonymity but get more compat (saved passwords, saved logins, use webAuth, etc etc etc).

Not sure if AF should decide that for the user

AF decides you use RFP and a whole bunch of shit - we flip 110 or so prefs. That's why we have overrides and AF is a .. wait for it ... TEMPLATE :)

🍕 🍰 🥧 <- choose one