You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This isn't fleshed out enough for a specific proposal, but the premise is that Tor is a critical part of SecureDrop's anonymity promise, therefore we should aim to ship updates as fast as possible.
Originally we did just install it from the Tor Project's apt repository, we switched to our own mirror after two incidents broke SecureDrop:
(I'll note that both issues were AppArmor related, which I'd hope is better tested now that it's enabled by default in both Debian and Ubuntu.)
Currently we have an automated CI job that automatically pulls new versions into the apt-test repository; usually someone has a prod SD install pointed at apt-test that picks it up, and a human needs to check that everything is up.
This seems easily automate-able, we could even re-use our icinga setup to ensure that everything is up using the new version.
A final step would be to collaborate with Tor to upstream a suitable set of tests that they can run to ensure our configuration is supported to point where we feel satisfied that they won't break our setup. Then we could switch back to using Tor's repository directly.
The text was updated successfully, but these errors were encountered:
Description
This isn't fleshed out enough for a specific proposal, but the premise is that Tor is a critical part of SecureDrop's anonymity promise, therefore we should aim to ship updates as fast as possible.
Originally we did just install it from the Tor Project's apt repository, we switched to our own mirror after two incidents broke SecureDrop:
(I'll note that both issues were AppArmor related, which I'd hope is better tested now that it's enabled by default in both Debian and Ubuntu.)
Currently we have an automated CI job that automatically pulls new versions into the apt-test repository; usually someone has a prod SD install pointed at apt-test that picks it up, and a human needs to check that everything is up.
This seems easily automate-able, we could even re-use our icinga setup to ensure that everything is up using the new version.
A final step would be to collaborate with Tor to upstream a suitable set of tests that they can run to ensure our configuration is supported to point where we feel satisfied that they won't break our setup. Then we could switch back to using Tor's repository directly.
The text was updated successfully, but these errors were encountered: