[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #18397 [Tor]: `Sandbox 1` in Tor 0.2.7.6 should not filter `getsockopt` syscall

Subject: Re: [tor-bugs] #18397 [Tor]: `Sandbox 1` in Tor 0.2.7.6 should not filter `getsockopt` syscall
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Tue, 29 Mar 2016 20:39:40 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 29 Mar 2016 16:39:49 -0400
In-reply-to: <049.54b38356adfc10014428eb6510da40c8@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <049.54b38356adfc10014428eb6510da40c8@xxxxxxxxxxxxxx>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#18397: `Sandbox 1` in Tor 0.2.7.6 should not filter `getsockopt` syscall
-------------------------------------------------+-------------------------
 Reporter:  fowlslegs                            |          Owner:  nickm
     Type:  defect                               |         Status:
 Priority:  High                                 |  needs_information
Component:  Tor                                  |      Milestone:  Tor:
 Severity:  Major                                |  0.2.8.x-final
 Keywords:  seccomp, sandbox, getsockopt,        |        Version:  Tor:
  027-backport                                   |  0.2.7.6
Parent ID:                                       |     Resolution:
 Reviewer:                                       |  Actual Points:
                                                 |         Points:
                                                 |        Sponsor:
-------------------------------------------------+-------------------------

Comment (by cypherpunks):

 Spent a little bit of time looking at this... I'm a noob at debugging
 what's not in logs... so first I ran "tor &" in terminal from my normal
 user (I know not ideal but figured it'd give me an opportunity to check
 terminal for output) with "Sandbox 1" in torrc...  and it started fine (no
 crash), and I checked /proc/<pid>/status and indeed found "Seccomp: 2"
 indicating that seccomp filtering was enabled.

 I tried the same with strace, but never encountered a crash. The problem
 only seems to occur when I try to start/restart the _service_ using
 systemctl/systemd. Perhaps an issue with the unit file?

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18397#comment:8>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Prev by Author: Re: [tor-bugs] #13252 [Tor Browser]: Tor Browser on OS X should not store data into the application bundle
Next by Author: Re: [tor-bugs] #11331 [Tor]: rewrite tor in rust-lang
Previous by thread: Re: [tor-bugs] #18397 [Tor]: `Sandbox 1` in Tor 0.2.7.6 should not filter `getsockopt` syscall
Next by thread: [tor-bugs] #18548 [Tor]: Tor calling sandbox_getaddrinfo() delays bootstrap when no system DNS is available
Index(es):
- Author
- Thread