[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #20794 [Applications/Tor Browser Sandbox]: Track what mozilla is doing with their sandboxing efforts.



#20794: Track what mozilla is doing with their sandboxing efforts.
----------------------------------------------+-------------------------
 Reporter:  yawning                           |          Owner:  yawning
     Type:  task                              |         Status:  new
 Priority:  Medium                            |      Milestone:
Component:  Applications/Tor Browser Sandbox  |        Version:
 Severity:  Normal                            |     Resolution:
 Keywords:                                    |  Actual Points:
Parent ID:                                    |         Points:
 Reviewer:                                    |        Sponsor:
----------------------------------------------+-------------------------

Comment (by cypherpunks):

 It seems adding non-`USER_NS` is part of their plan:
 https://bugzilla.mozilla.org/show_bug.cgi?id=1151624

 I'm still a bit disgusted that they go this route, using unprivileged user
 namespaces, rather than making use of `CAP_CHROOT` to enter a chroot. I
 mean that's gotta be among the least dangerous capabilities.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/20794#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs