[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #9168 [Tor]: GSOC seccomp stage 1

To: undisclosed-recipients:;
Subject: Re: [tor-bugs] #9168 [Tor]: GSOC seccomp stage 1
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Wed, 03 Jul 2013 14:06:25 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 03 Jul 2013 10:06:39 -0400
In-reply-to: <047.634b3c09d1506e083df871a858e468fc@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <047.634b3c09d1506e083df871a858e468fc@xxxxxxxxxxxxxx>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#9168: GSOC seccomp stage 1
--------------------------------------------+-------------------------------
 Reporter:  ctoader                         |          Owner:  nickm             
     Type:  enhancement                     |         Status:  needs_revision    
 Priority:  normal                          |      Milestone:  Tor: 0.2.5.x-final
Component:  Tor                             |        Version:                    
 Keywords:  tor-relay gsoc seccomp sandbox  |         Parent:                    
   Points:                                  |   Actualpoints:                    
--------------------------------------------+-------------------------------

Comment(by nickm):

 Follow-up review:
   * log_err() won't work any better from a signal handler than fprintf().
 It calls snprintf, which isn't in the signal-safe functions list.  Also,
 exit() isn't on the signal-safe functions list, either, although _exit()
 is.  If you have a look at "man sigaction" or "man 7 signal", it should
 list the functions which can be safely called.
   * Based on that, I wonder if there shouldn't be configurable levels of
 sandboxing configurable, where one of them records the forbidden system
 calls and continues, and one of them just aborts.  Let's talk about the
 right interface for that.
   * Is the socketcall() thing still necessary now that we switched to add
 from add_exact?

 Other notes:
   * I still need to write the autoconf/automake magic here.
   * There should be documentation for the Sandbox option in doc/tor.1.txt
   * Probably we should squash before merging.  (The branch is 3184 lines
 long, but the diff is only 339 lines long)

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/9168#comment:6>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Prev by Author: Re: [tor-bugs] #8533 [Tor]: Improve instructions for how to run a testing Tor network
Next by Author: Re: [tor-bugs] #9168 [Tor]: GSOC seccomp stage 1
Previous by thread: Re: [tor-bugs] #9168 [Tor]: GSOC seccomp stage 1
Next by thread: Re: [tor-bugs] #9168 [Tor]: GSOC seccomp stage 1
Index(es):
- Author
- Thread