[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-bugs] #17936 [Torsocks]: torsocks fails open on Mac OS X 10.11



#17936: torsocks fails open on Mac OS X 10.11
--------------------------+---------------------
     Reporter:  hellais   |      Owner:  dgoulet
         Type:  defect    |     Status:  new
     Priority:  Medium    |  Milestone:
    Component:  Torsocks  |    Version:
     Severity:  Normal    |   Keywords:
Actual Points:            |  Parent ID:
       Points:            |    Sponsor:
--------------------------+---------------------
 I am running OSX 10.11 and since the update I just noticed that torsocks
 is failing to torify connections.

 Here are the details of my system:

 {{{
 $ torsocks --version
 Torsocks 2.1.0

 $ uname -a
 Darwin XXX 15.0.0 Darwin Kernel Version 15.0.0: Sat Sep 19 15:53:46 PDT
 2015; root:xnu-3247.10.11~1/RELEASE_X86_64 x86_64

 $ sw_vers -productVersion
 10.11.1
 }}}

 Doing a cursory search into what may be the causes for this problem it
 seems like a security "feature" introduced in OSX 10.11 is to blame for
 this behaviour called System Integrity Protection [1]. Looking around
 there are other people complaining about the fact that
 `DYLD_INSERT_LIBRARIES` doesn't work in OSX 10.11 [2].
 This stackoverflow article does a nice summary of what can be done and
 can't be done due to SIP: http://apple.stackexchange.com/questions/193368
 /what-is-the-rootless-feature-in-el-capitan-really.

 I am not sure what can be done to overcome this limitation in the latest
 version of OSX, but I think that at least torsocks should implement a
 check for the OSX version and if it's greater than 10.10 it fails closed
 (without doing the non-torified request).

 [1]
 https://developer.apple.com/library/mac/documentation/Security/Conceptual/System_Integrity_Protection_Guide/Introduction/Introduction.html

 [2] https://groups.google.com/a/chromium.org/forum/#!topic/crashpad-
 dev/MafauT4BHSY

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17936>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs