[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #29819 [Core Tor/Tor]: Seccomp: sandbox crash on rt_sigaction with libseccomp 0.2.4

To: undisclosed-recipients: ;
Subject: Re: [tor-bugs] #29819 [Core Tor/Tor]: Seccomp: sandbox crash on rt_sigaction with libseccomp 0.2.4
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Thu, 16 May 2019 15:18:32 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Thu, 16 May 2019 11:18:42 -0400
In-reply-to: <046.367d57fc9cf12c2ad9132b777871a41c@torproject.org>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <046.367d57fc9cf12c2ad9132b777871a41c@torproject.org>
Reply-to: no-reply@xxxxxxxxxxxxxx, tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#29819: Seccomp: sandbox crash on rt_sigaction with libseccomp 0.2.4
-----------------------------------+------------------------------------
 Reporter:  toralf                 |          Owner:  nickm
     Type:  defect                 |         Status:  assigned
 Priority:  Medium                 |      Milestone:  Tor: 0.4.0.x-final
Component:  Core Tor/Tor           |        Version:  Tor: unspecified
 Severity:  Normal                 |     Resolution:
 Keywords:  crash, linux, sandbox  |  Actual Points:
Parent ID:                         |         Points:  2-10
 Reviewer:                         |        Sponsor:
-----------------------------------+------------------------------------
Changes (by nickm):

 * points:  0.2 => 2-10


Comment:

 pege -- the EPERM idea seems plausible, if it works.  Do you have time to
 try it out?

 Otherwise, the only workable idea I can think of is to rearchitect how we
 handle filesystem interactions in the sandbox.  We should really have an
 trusted unsandboxed process whose job it is to open files for the main
 process, and pass them back over a pipe.  This would let us support more
 sandboxing techniques, and allow us to throw out our immutable-string
 hacks.  It would be a lot of work though, and I don't see where we have
 time to do it in our current roadmap.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/29819#comment:21>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Prev by Author: Re: [tor-bugs] #29772 [Metrics/Website]: Add bandwidth graph with median, quartiles, and lowest bandwidth within 1.5 IQR of lower quartile
Next by Author: Re: [tor-bugs] #27878 [Webpages/Website]: docs/en/update_signing-keys.pl should not use default ~/.gnupg
Previous by thread: Re: [tor-bugs] #29738 [Core Tor/Tor]: Deprecate RecommendedPackages torrc option, and remove the code for voting for packages
Next by thread: Re: [tor-bugs] #28037 [Core Tor/Tor]: Document how to fix or disable failing CI
Index(es):
- Author
- Thread