[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #22794 [Applications/Tor Browser]: Don't open AF_INET/AF_INET6 sockets when AF_LOCAL is configured.

To: undisclosed-recipients: ;
Subject: Re: [tor-bugs] #22794 [Applications/Tor Browser]: Don't open AF_INET/AF_INET6 sockets when AF_LOCAL is configured.
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Fri, 02 Feb 2018 15:08:02 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 02 Feb 2018 10:08:12 -0500
In-reply-to: <047.7a765300182b8f1839ac929a6745bf26@torproject.org>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <047.7a765300182b8f1839ac929a6745bf26@torproject.org>
Reply-to: no-reply@xxxxxxxxxxxxxx, tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#22794: Don't open AF_INET/AF_INET6 sockets when AF_LOCAL is configured.
-------------------------------------------------+-------------------------
 Reporter:  yawning                              |          Owner:
                                                 |  pospeselr
     Type:  defect                               |         Status:
                                                 |  needs_review
 Priority:  Medium                               |      Milestone:
Component:  Applications/Tor Browser             |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:  tbb-security, tbb-sandboxing,        |  Actual Points:
  TorBrowserTeam201802R                          |
Parent ID:  #20775                               |         Points:
 Reviewer:                                       |        Sponsor:
-------------------------------------------------+-------------------------

Comment (by mcs):

 Replying to [comment:20 yawning]:
 > Oh hey, I was right.
 >
 > Regarding the patch:
 >  * I'm not sure if checking that the URI scheme is file is the correct
 long term fix (eg: #20337), but that bridge can be burnt when someone gets
 there.

 Agreed. Richard, if we keep the `"file://"` prefix test, please add a
 comment to #20337 so we don't forget about this loose end.

 >  * Should this apply to OSX as well?  I do not know how OSX's process
 sandboxing stuff works, or what options it has for limiting what a process
 can do.

 I think we might as well apply the patch to OSX as well since it may be
 useful there. The not-really-awesome OSX sandboxing prototype that Kathy
 and I created a while ago does use the older mechanism of the ones that
 teor discussed (sandbox-exec).

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/22794#comment:23>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

References:
- Re: [tor-bugs] #22794 [Applications/Tor Browser]: Don't open AF_INET/AF_INET6 sockets when AF_LOCAL is configured.
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #22089 [Applications/Tor Browser]: Add Decentraleyes to slighten off a bit Exit traffic and work around some CDNs blocking of Tor
Next by Author: Re: [tor-bugs] #6236 [Core Tor/Tor]: Remove duplicate code between parse_{c, s}method_line
Next by thread: Re: [tor-bugs] #24975 [Core Tor/Tor]: sched: scheduler_notify_networkstatus_changed() calls select_scheduler() without the new consensus
Index(es):
- Author
- Thread