AUR (en) - tor-browser-bin

Search Criteria

Enter search criteria

Search by

Keywords

Out of Date

Sort by

Sort order

Per page

Package Details: tor-browser-bin 15.0.15-1

Package Actions

Git Clone URL:	https://aur.archlinux.org/tor-browser-bin.git (read-only, click to copy)
Package Base:	tor-browser-bin
Description:	Tor Browser Bundle: anonymous browsing using Firefox and Tor
Upstream URL:	https://www.torproject.org/projects/torbrowser.html
Licenses:	MPL-2.0
Conflicts:	tor-browser
Provides:	tor-browser
Submitter:	FabioLolix
Maintainer:	grufo (jugs)
Last Packager:	jugs
Votes:	1305
Popularity:	5.25
First Submitted:	2023-09-24 17:45 (UTC)
Last Updated:	2026-06-04 14:02 (UTC)

Dependencies (19)

alsa-lib
dbus-glib
desktop-file-utils (desktop-file-utils-git^AUR)
hicolor-icon-theme (hicolor-icon-theme-git^AUR)
hunspell (hunspell-git^AUR)
icu (icu-git^AUR)
libevent (libevent-git^AUR)
libvpx (libvpx-full-git^AUR, libvpx-git^AUR)
libxt
mime-types (mailcap)
nss (nss-hg^AUR)
sqlite (sqlite-fossil^AUR)
startup-notification
gst-libav (gst-libav-git^AUR) (optional) – H.264 video
gst-plugins-good (gst-plugins-good-git^AUR) (optional) – H.264 video
kdialog (kdialog-git^AUR) (optional) – KDE dialog boxes
libnotify (libnotify-git^AUR) (optional) – Gnome dialog boxes
libpulse (pulseaudio-dummy^AUR, libpulse-git^AUR) (optional) – PulseAudio audio driver
zenity (zenity-gtk3^AUR, zenity-git^AUR, qarma-git^AUR, zenity-rs-bin^AUR) (optional) – simple dialog boxes

Required by (0)

Sources (8)

Pinned Comments

grufo commented on 2019-08-15 02:22 (UTC)

Before running makepkg, you must do this (as normal user):

$ gpg --auto-key-locate nodefault,wkd --locate-keys torbrowser@torproject.org

If you want to update tor-browser from AUR without AUR helpers you can run in a terminal:

$ tor-browser -u

Latest Comments

1 2 3 4 5 6 .. 79 Next › Last »

jugs commented on 2026-06-04 15:21 (UTC)

@medaminezghal,

Because this package treats /opt/tor-browser as the system-managed cache/source, not the runnable browser install. There's a number of reasons why we don't install there...

Tor Browser expects a writable bundle - Tor Browser keeps some runtime/update/profile-ish state inside its own extracted tree. A normal user cannot write to /opt without root.
Avoid running browser/updater as root - Making Tor Browser update or modify files under /opt would require root privileges, which is bad from a security perspective.
Per-user isolation - Each Linux user gets their own Tor Browser copy and data under their home directory.
Pacman ownership safety - If Tor Browser modifies files under /opt, those files would no longer cleanly match what pacman installed. Keeping the real mutable copy outside pacman-owned paths avoids package-manager conflicts.
Updates are staged safely - On package upgrade, pacman replaces the tarball in /opt; the next normal user launch refreshes the user-local copy.

medaminezghal commented on 2026-05-14 11:50 (UTC)

@grufo Why don't you install tor-browser fully under /opt/tor-browser? Why it's under ~/.local/opt/tor-browser?

grufo commented on 2026-05-10 12:57 (UTC)

@ilovemikael: Alright. Grammar fixed.

ilovemikael commented on 2026-05-08 10:11 (UTC) (edited on 2026-05-08 10:13 (UTC) by ilovemikael)

@grufo - My mistake on the .desktop file, thanks for clarifying the spec (I was fixing it for the alpha package, and when I made it use the pkgver, it worked, but I think I confounded that as fixing the file when changing [Dsektop Entry] to [Desktop Entry] was the real fix, always the red herrings!).

For the typo, I mean that 'you do not have installed ${TB_PKGNAME} yet' is incorrect grammar; it should be 'you don't have ${TB_PKGNAME} installed yet' or something like that. The shell var is spelt fine :).

grufo commented on 2026-04-22 06:06 (UTC) (edited on 2026-04-22 06:06 (UTC) by grufo)

@ilovemikael:

The Version key in the .desktop file does refer to Tor Browser's version, but to “the version of the desktop entry specification to which this file conforms” (see the wiki)
What typo? The shell variable is called _TB_PKGNAME_.

ilovemikael commented on 2026-04-19 04:25 (UTC)

Hi, the value of Version in the desktop file (1.0) should be switched to @PACKAGE_VERSION@ to work with the _sed_subst function; also, although it is pestilentially petty to point out, considering that the words should be printed only if things go awry, my moral barometer nonetheless impels me to inform you that line 212 of the shell script has a typo ("you do not have installed ${TB_PKGNAME} yet"). Good day.

jugs commented on 2026-04-07 15:35 (UTC) (edited on 2026-04-07 15:35 (UTC) by jugs)

@zuzavo, I am seeing that the window is tiling by default in hyprland as well. I don't think that's a bug as the tor-browser package has nothing to do with your compositor/window manager. If you want to edit your hyprland config you can make it floating by default:

windowrule = float 1, match:class Tor Browser

zuzavo commented on 2026-04-04 21:48 (UTC)

Hello I am a Hyprland user. The latest update makes Tor Browser take up the entire screen. Could someone else confirm this to be sure this is a bug?

Maxr commented on 2026-02-14 20:40 (UTC)

The PKGBUILD fetches SHA256 checksums at build time via _dist_checksum(), which downloads them from torproject.org. This defeats the purpose of checksum verification - a compromised server could serve both malicious archives AND matching checksums. Additionally, the fallback to sha256sums-unsigned-build.txt further weakens security if the signed version is unavailable.

This breaks makepkg's security model where checksums should be hardcoded in the PKGBUILD. While GPG signature verification provides some protection (if users import the key as instructed), relying solely on runtime-fetched checksums is problematic.

Do I miss something? If not, is it really necessary to let it fetch the checksums instead of hardcoding them?

dataprolet commented on 2025-12-14 14:45 (UTC)

@LaughingMan Well the package is basically broken at this point too.