[Pkg-anonymity-tools] Bug#753413: Bug#753413: this is probably due to design (not using freedesktop xdg-user-dirs)
Holger Levsen
holger at layer-acht.org
Sun Jul 27 09:41:26 UTC 2014
Hi,
On Sonntag, 27. Juli 2014, Stefano Zacchiroli wrote:
> > I believe this has probably been done by design,
> FWIW according to the upstream author (who has encouraged me to submit
> the bug also in the upstream BTS and *cough* propose a patch) that's not
> the case.
ah + heh.
> I'm not sure I understand the threat model you've in mind here. If
> secrecy is needed on the fact that someone might be using torbrowser,
> than *installing* torbrowser-launcher is not a good idea.
You're right on this, I guess. I had in mind the scenarioa where having it
installed wouldnt be less of a problem of having left traces of usage, but on
a second thought thats probably not very realistic.
> Bottom line: for that threat model a live system would be much better,
> and whether cleaning traces of past usage involves removing one
> directory, or several, seems just a minor detail really.
I agree.
> If we really want to support such a cleanup (which I'm not sure about),
> the best option seems to be to add a "--self-destruct" option to
> torbrowser-launcher, which does all the needed cleanup.
hm...
> The problem is
> that on distros like Debian, such a command should also "dpkg --purge"
> the package (and its dependencies...).
and the command history and dpkg.log and probably other stuff too... :)
cheers,
Holger
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 828 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.alioth.debian.org/pipermail/pkg-anonymity-tools/attachments/20140727/91ff40e4/attachment.sig>
More information about the Pkg-anonymity-tools
mailing list