[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-commits] [tor/master] add a changes file for the sandbox fixes series
commit 506c8904402907f84f8c5ddcd6ecf15bb66d4030
Author: Nick Mathewson <nickm@xxxxxxxxxxxxxx>
Date: Wed Apr 16 22:45:27 2014 -0400
add a changes file for the sandbox fixes series
---
changes/sandbox_fixes_11351 | 13 +++++++++++++
1 file changed, 13 insertions(+)
diff --git a/changes/sandbox_fixes_11351 b/changes/sandbox_fixes_11351
new file mode 100644
index 0000000..2fe2173
--- /dev/null
+++ b/changes/sandbox_fixes_11351
@@ -0,0 +1,13 @@
+ o Major features:
+ - Refinements and improvements to the Linux seccomp2 sandbox code:
+ the sandbox can now run a test network for multiple hours without
+ crashing. (Previous crash reasons included: reseeding the OpenSSL PRNG,
+ seeding the Libevent PRNG, using the wrong combination of CLOEXEC and
+ NONBLOCK at the same place and time, having server keys, being an
+ authority, receiving a HUP, or using IPv6.) The sandbox is still
+ experimental, and more bugs will probably turn up. To try it,
+ enable "Sandbox 1" on a Linux host.
+
+ - Strengthen the Linux seccomp2 sandbox code: the sandbox can now
+ test the arguments for rename(), and blocks _sysctl() entirely.
+
_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits