On Sun, 2026-03-01 at 16:08 -0500, Aaron Rainbolt wrote:
On Sun, 1 Mar 2026 21:51:15 +0100
Tomáš Zíma <tomas@tzima.cz> wrote:

A root-owned file won't be accessible to sandboxed applications such as Firefox running under Flatpak.

I would imagine something like this:

1. Extend adduser to ask for the user's date of birth. (GUI installers/tool would have to ask for this extra field too.)

2. Generate root-owned file containing the birth day, as suggested.

This would be somewhat problematic for custom implementations that want to avoid storing the user's real date of birth and store only the age bracket. Whonix would want to do this for anti-fingerprinting purposes. I suppose the root-owned file could be generated with a static age bracket and the date of birth field could be empty. Then the cron job would simply skip updating the bracket if the date-of-birth field was empty.

3. Regenerate a root-owned, user-readable (non-writeable) file containing the user's "age bracket" once per day via cron. The path & its format (e.g. "UNDER_13") would be the API. Alternatively, to make it more portable, a script get-age-bracket could be provided.

4. Making the file/script available to sandboxes is a matter of configuration.

I don't think XDG is a good place to implement this.

My main motivation for proposing that this be done in XDG is to make an effort to make something that can be adopted more-or-less widely in the end. It's definitely true that every OS could implement something semi-bespoke like suggested here (or maybe this mechanism could end up the standard). Personally I'd be perfectly happy with that solution, but I don't think that's what the people who drafted the bill had in mind when they wrote it, and I'd like for Whonix to not come under fire for doing things "the wrong way". Even if ultimately no one wants a standardized solution, we can say we tried.

--
Aaron
I am also not a lawyer but the law seems like it could easily be challenged and likely run afoul of privacy laws here in the US. The technical ramifications and enforcement of them can't be implemented in a way that wouldn't run afoul of privacy-related rights (yes, even children have privacy rights) and also present a security quagmire. Further, it puts the onus all on the "developer" or OS vendor to essentially keep track and obey "signals", or be fined. The spirit of the law's existence is to protect children but the implementation of this or a path-forward almost seems farcical to discuss. It's very clear its drafting and implementation had no one who understands how this works in the room, and if they were, they were summarily ignored. Getting ahead of it as you are, whatever solution, it won't matter, because every larger distro is likely to implement their own way-to-do and same with every smaller one, and of course there will be those that ignore this completely or stop distributing in California and states that adopt such a law. The law's spirit is in the right place, but it needs revision so it can be implemented appropriately.
Christopher Warner
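
A sketch of the daily regeneration job from steps 2 and 3 of the quoted proposal, including the empty date-of-birth case raised for Whonix. This is an added example, not code from anyone in the thread; the file paths passed in, the ISO date format, and every bracket label and cut-off other than "UNDER_13" are assumptions.

```python
import os
import tempfile
from datetime import date

# Assumed labels and cut-offs; the thread itself only names "UNDER_13".
BRACKETS = [(13, "UNDER_13"), (16, "13_TO_15"), (18, "16_TO_17")]
ADULT = "18_OR_OVER"


def age_on(dob: date, today: date) -> int:
    """Whole years elapsed, counting a birthday only once it has arrived."""
    not_yet = (today.month, today.day) < (dob.month, dob.day)
    return today.year - dob.year - not_yet


def bracket_for(dob: date, today: date) -> str:
    age = age_on(dob, today)
    for limit, label in BRACKETS:
        if age < limit:
            return label
    return ADULT


def regenerate(dob_path: str, bracket_path: str, today: date) -> bool:
    """Body of the daily job. Returns True if the bracket file was rewritten."""
    try:
        with open(dob_path, encoding="ascii") as fh:
            raw = fh.read().strip()  # assumed format: YYYY-MM-DD
    except FileNotFoundError:
        raw = ""
    if not raw:
        # Empty date of birth: leave the statically provisioned bracket alone.
        return False
    label = bracket_for(date.fromisoformat(raw), today)
    # Write beside the target and rename, so readers never see a partial file.
    fd, tmp = tempfile.mkstemp(dir=os.path.dirname(bracket_path) or ".")
    try:
        with os.fdopen(fd, "w", encoding="ascii") as fh:
            fh.write(label + "\n")
        os.chmod(tmp, 0o444)  # readable by the user, writable by nobody
        os.replace(tmp, bracket_path)
    except BaseException:
        os.unlink(tmp)
        raise
    return True
```

Run as root from cron, the date-of-birth file would stay mode 0600 while only the derived bracket file is world-readable, so sandboxed readers never see the birth date itself.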