On Sun, 1 Mar 2026 21:51:15 +0100
Tomáš Zíma <tomas@tzima.cz> wrote:
> > A root-owned file won't be accessible to sandboxed applications
> > such as Firefox running under Flatpak.
>
> I would imagine something like this:
>
> 1. Extend adduser to ask for the user's date of birth. (GUI
>    installers/tool would have to ask for this extra field too.)
> 2. Generate root-owned file containing the birth day, as suggested.

This would be somewhat problematic for custom implementations that want
to avoid storing the user's real date of birth and store only the age
bracket. Whonix would want to do this for anti-fingerprinting purposes.
I suppose the root-owned file could be generated with a static age
bracket and the date of birth field could be empty. Then the cron job
would simply skip updating the bracket if the date-of-birth field was
empty.

> 3. Regenerate a root-owned, user-readable (non-writeable) file
>    containing the user's "age bracket" once per day via cron. The path &
>    its format (e.g. "UNDER_13") would be the API. Alternatively, to make
>    it more portable, a script get-age-bracket could be provided.
> 4. Making the file/script available to sandboxes is a matter of
>    configuration.
>
> I don't think XDG is a good place to implement this.

My main motivation for proposing that this be done in XDG is to make an
effort to make something that can be adopted more-or-less widely in the
end. It's definitely true that every OS could implement something
semi-bespoke like suggested here (or maybe this mechanism could end up
the standard). Personally I'd be perfectly happy with that solution,
but I don't think that's what the people who drafted the bill had in
mind when they wrote it, and I'd like for Whonix to not come under fire
for doing things "the wrong way". Even if ultimately no one wants a
standardized solution, we can say we tried.
--
Aaron
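
The daily regeneration step discussed in this thread, including the skip when the date-of-birth field is empty, could look like the sketch below. It is an added example, not code from either poster or from any project. The `dob=YYYY-MM-DD` record format, the function names, and every bracket label other than "UNDER_13" are assumptions.

```python
import os
import tempfile
from datetime import date

# Only "UNDER_13" appears in the thread; the other labels and limits are assumed.
BRACKETS = [(13, "UNDER_13"), (16, "13_TO_15"), (18, "16_TO_17")]
OLDEST = "18_OR_OVER"


def bracket_for(dob, today):
    """Map a date of birth to a bracket label as of `today`."""
    had_birthday = (today.month, today.day) >= (dob.month, dob.day)
    age = today.year - dob.year - (0 if had_birthday else 1)
    for limit, label in BRACKETS:
        if age < limit:
            return label
    return OLDEST


def read_dob(record_text):
    """Parse the assumed root-only record format: a 'dob=YYYY-MM-DD' line."""
    for line in record_text.splitlines():
        key, _, value = line.partition("=")
        if key.strip() == "dob" and value.strip():
            return date.fromisoformat(value.strip())
    return None  # field missing or empty


def regenerate(record_text, out_path, today):
    """Daily job body: rewrite the public bracket file, or skip if no DOB."""
    dob = read_dob(record_text)
    if dob is None:
        return None  # keep the statically provisioned bracket untouched
    label = bracket_for(dob, today)
    # Write to a temp file in the same directory, then rename, so readers
    # never observe a partially written file.
    fd, tmp = tempfile.mkstemp(dir=os.path.dirname(out_path) or ".")
    try:
        with os.fdopen(fd, "w") as fh:
            fh.write(label + "\n")
        os.chmod(tmp, 0o644)  # readable by the user, writable only by owner
        os.replace(tmp, out_path)
    except BaseException:
        os.unlink(tmp)
        raise
    return label
```

Run as root, the job leaves the bracket file owned by root with mode 0644, so the user can read it but not change it.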