From d69d8f64f3715c1e2086e2d6ec2c9ceacdd950c5 Mon Sep 17 00:00:00 2001
From: Colin <colin@uninsane.org>
Date: Sat, 27 Jan 2024 15:04:22 +0000
Subject: [PATCH] tor-browser: sandbox with bwrap; remove useHardenedMalloc
 patch

---
 hosts/common/programs/tor-browser.nix | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)

diff --git a/hosts/common/programs/tor-browser.nix b/hosts/common/programs/tor-browser.nix
index 31b836dc..fa9133dd 100644
--- a/hosts/common/programs/tor-browser.nix
+++ b/hosts/common/programs/tor-browser.nix
@@ -1,11 +1,13 @@
 { pkgs, ... }:
 {
   sane.programs.tor-browser = {
-    packageUnwrapped = pkgs.tor-browser.override {
-      # hardenedMalloc solves an "unable to connect to Tor" error when pressing the "connect" button
-      # - still required as of 2023/07/14
-      useHardenedMalloc = false;
-    };
+    # packageUnwrapped = pkgs.tor-browser.override {
+    #   # hardenedMalloc solves an "unable to connect to Tor" error when pressing the "connect" button
+    #   # - required as recently as 2023/07/14
+    #   # - no longer required as of 2024/01/27
+    #   useHardenedMalloc = false;
+    # };
+    sandbox.method = "bwrap";
     persist.byStore.cryptClearOnBoot = [
       ".local/share/tor-browser"
     ];