[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-commits] [webwml/staging] Drop the 'Help improve Tor sandboxing' project idea



commit 577f98c3804df4cf65e95d5c577e91cd685fabff
Author: Damian Johnson <atagar@xxxxxxxxxxxxxx>
Date:   Wed Feb 11 08:14:01 2015 -0800

    Drop the 'Help improve Tor sandboxing' project idea
    
    Nick and David both say this is done.
---
 getinvolved/en/volunteer.wml |   68 +-----------------------------------------
 1 file changed, 1 insertion(+), 67 deletions(-)

diff --git a/getinvolved/en/volunteer.wml b/getinvolved/en/volunteer.wml
index ab1b164..514bf2d 100644
--- a/getinvolved/en/volunteer.wml
+++ b/getinvolved/en/volunteer.wml
@@ -405,8 +405,7 @@ meetings around the world.</li>
     <i><a href="#improveTorTestCoverage">Improve test coverage in Tor</a></i><br />
     <i><a href="#useMoreCores">Have the Tor daemon use more cores</a></i><br />
     <i><a href="#improveHiddenServices">Help improve Tor hidden services</a></i><br />
-    <i><a href="#improvedDnsSupport">Improved DNS support for Tor</a></i><br />
-    <i><a href="#torSandboxing">Help improve Tor sandboxing</a></i>
+    <i><a href="#improvedDnsSupport">Improved DNS support for Tor</a></i>
     </p>
 
     <a id="project-torbrowser"></a>
@@ -1433,71 +1432,6 @@ the codebase that you want to work on.
     </p>
     </li>
 
-    <a id="torSandboxing"></a>
-    <li>
-    <b>Help improve Tor sandboxing</b>
-    <br>
-    Effort Level: <i>Medium</i>
-    <br>
-    Skill Level: <i>Medium</i>
-    <br>
-    Likely Mentors: <i>David (dgoulet)</i>
-    <p>
-The seccomp2 mechanism on Linux lets programs improve their robustness
-against unforseen bugs by running with restrictions on which system
-calls they can invoke and how they can call them.  This can help
-security a lot.
-    </p>
-
-    <p>
-Thanks to a GSOC student from last year, we now have seccomp2 support on
-Linux, which we use to restrict the capabilities of the entire Tor
-process.  (For implementation details, see src/commmon/sandbox.c in the
-Tor source.)
-    </p>
-
-    <p>
-But since the restrictions are done over the whole process, all pieces
-of the Tor code have permission to do things that only small parts of
-the Tor program need to do.  Also, since we use seccomp2, these
-restrictions only work on Linux.
-    </p>
-
-    <p>
-It would be great to instead divide the main Tor program into multiple
-processes with a robust IPC mechanism and assign each process its own
-minimal set of privileges; and to have this work (as best we can) on
-systems that don't have seccomp2 (eg Windows, Mac).
-    </p>
-
-    <p>
-Either of these could be a whole GSOC project.
-    </p>
-
-    <p>
-To get started, make sure you understand the existing sandboxing code.
-If you're interested in splitting Tor into multiple processes, think
-about the architecture, and think about how we could reach this
-architecture without completely rewriting the codebase.  (Remember that
-even if you're focusing on Linux, Tor still needs to work on other
-operating systems.)
-    </p>
-
-    <p>
-If you're interested in supporting more platforms, make sure you
-understand and can explain what sandboxing mechansisms you want to use,
-and what they're capable of.  (You might want to investigate the way
-that other open-source programs, like the Chrome web browser, do their
-sandboxing on different platforms.)
-    </p>
-
-    <p>
-As part of the application process for this project, please contribute a
-nontrivial patch to Tor -- ideally, one that will affect some part of
-the codebase that you want to work on.
-    </p>
-    </li>
-
     <a id="panopticlick"></a>
     <li>
     <b>Panopticlick</b>



_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits