[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #24037 [Core Tor/Torsocks]: Use syscall blacklist rather than whitelist for torsocks

To: undisclosed-recipients: ;
Subject: Re: [tor-bugs] #24037 [Core Tor/Torsocks]: Use syscall blacklist rather than whitelist for torsocks
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Mon, 04 Dec 2017 08:52:30 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 04 Dec 2017 03:52:41 -0500
In-reply-to: <051.3c8ce64d2ffabd79603f8e676f15b26b@torproject.org>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <051.3c8ce64d2ffabd79603f8e676f15b26b@torproject.org>
Reply-to: no-reply@xxxxxxxxxxxxxx, tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#24037: Use syscall blacklist rather than whitelist for torsocks
-------------------------------+------------------------------
 Reporter:  cypherpunks        |          Owner:  dgoulet
     Type:  enhancement        |         Status:  needs_review
 Priority:  Medium             |      Milestone:
Component:  Core Tor/Torsocks  |        Version:
 Severity:  Normal             |     Resolution:
 Keywords:                     |  Actual Points:
Parent ID:                     |         Points:
 Reviewer:                     |        Sponsor:
-------------------------------+------------------------------

Comment (by cypherpunks):

 >implement the first solution

 Nice! 33 insertions, 576 deletions. Great to see an alternative that gets
 rid of so much bad code. I'm working on the second solution myself (at
 least once #24400 is resolved so `SocksPort` doesn't break on UNIX domain
 sockets with the sandbox), but I think the two solutions can go hand in
 hand, as the second solution, while more secure, is Linux-specific.

 >that part probably needs review

 I don't think this will be an issue once torsocks no longer uses a
 whitelist. It seems to be more related to #24116, where the `mmap()`
 wrapper requires using `mmap()` to initialize memory, but can't be
 initialized until the syscall runs, resulting in a deadlock. There is no
 danger security-wise to allowing that syscall.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/24037#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Prev by Author: [tor-bugs] #24549 [Applications/GetTor]: GetTor not replying
Next by Author: Re: [tor-bugs] #24392 [Core Tor/Tor]: Ignore cached bridge descriptors until we check if they are running
Previous by thread: Re: [tor-bugs] #24400 [Core Tor/Tor]: Seccomp filter incorrectly tries to act on strings, allowing sandbox bypass
Next by thread: Re: [tor-bugs] #24037 [Core Tor/Torsocks]: Use syscall blacklist rather than whitelist for torsocks
Index(es):
- Author
- Thread