[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #22950 [Applications/Tor Browser Sandbox]: Filter out X11 root window property queries.

Subject: Re: [tor-bugs] #22950 [Applications/Tor Browser Sandbox]: Filter out X11 root window property queries.
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Wed, 19 Jul 2017 06:18:53 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 19 Jul 2017 02:19:04 -0400
In-reply-to: <047.f09cdd469356e1aad2ef1cf4e2a46939@torproject.org>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <047.f09cdd469356e1aad2ef1cf4e2a46939@torproject.org>
Reply-to: no-reply@xxxxxxxxxxxxxx, tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#22950: Filter out X11 root window property queries.
----------------------------------------------+-------------------------
 Reporter:  yawning                           |          Owner:  yawning
     Type:  enhancement                       |         Status:  new
 Priority:  Medium                            |      Milestone:
Component:  Applications/Tor Browser Sandbox  |        Version:
 Severity:  Normal                            |     Resolution:
 Keywords:  sandbox-fingerprinting            |  Actual Points:
Parent ID:                                    |         Points:
 Reviewer:                                    |        Sponsor:
----------------------------------------------+-------------------------

Comment (by cypherpunks):

 The problem with Xephyr is that you need to also use a MAC or chroot to
 prevent the process from accessing the root X11 cookie, which is not as
 easy as running Xephyr. It's certainly doable, but how many people are
 going to do it?

 I think a better idea is to use `XGrabKeyboard()` in Tor Browser, which
 will prevent other applications from snooping on passwords being typed
 into the browser. See
 https://tronche.com/gui/x/xlib/input/XGrabKeyboard.html. Many security-
 critical programs do this, like OpenSSH and GnuPG. We should think of
 doing it here, too.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/22950#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

References:
- [tor-bugs] #22950 [Applications/Tor Browser Sandbox]: Filter out X11 root window property queries.
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #22888 [Webpages/Website]: Permanent download URL for the latest release
Next by Author: [tor-bugs] #22949 [Applications/Orbot]: Add some IP-HOST pair for meek use
Previous by thread: Re: [tor-bugs] #22950 [Applications/Tor Browser Sandbox]: Filter out X11 root window property queries.
Next by thread: [tor-bugs] #22951 [Core Tor/Tor]: NETINFO cells are mandatory, but tor-spec says "may"
Index(es):
- Author
- Thread