A compromised local user can leak your IP by using a script to start unsafe-browser hidden in the background and use X11 trickery to leak your real IP without privilege escalation. Most applications exploited on Tails would be capable of this.
deleting /etc/sudoers.d/zzz_unsafe-browser after booting will fix this issue until Tails fixes it themselves
Bug #15635
Feature #7072: Research potential for deanonymization by a compromised "amnesia" user
The Unsafe Browser allows to retrieve the public IP address by a compromised amnesia user with no user interaction
(Score: 0, Troll) by MichaelDavidCrawford on Sunday June 17 2018, @12:26PM (2 children)
$ sudo apt-get remove unsafe-browser
Extra Credit: Sometimes that removes all its dependencies too.
It happens that even CentOS' default install is chock full O' GUI attack surfaces. I at first looked to see what daemons were enabled, disabled then "# apt-get remove'-ed them, as well of some of their dependencies.
Then I removed xlib. The poorly-implemented video "games" fell like a row of dominos.
By the time I was done there were only a few dozen top-level packages installed.
I always intended to write a script for that, but then I always intend many things.
Yes I Have No Bananas. [gofundme.com]
(Score: 1, Interesting) by Anonymous Coward on Sunday June 17 2018, @05:05PM (1 child)
"apt-get" on centos?
(Score: 2, Touché) by Anonymous Coward on Sunday June 17 2018, @09:53PM
To his credit his apt-get example on Centos was commented out behind the #.