[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-commits] r26581: {website} Dropping 'Run With Limited Capabilities' Another project don (website/trunk/getinvolved/en)

Author: atagar
Date: 2014-02-03 15:32:43 +0000 (Mon, 03 Feb 2014)
New Revision: 26581

Modified:
   website/trunk/getinvolved/en/volunteer.wml
Log:
Dropping 'Run With Limited Capabilities'

Another project done last year.



Modified: website/trunk/getinvolved/en/volunteer.wml
===================================================================
--- website/trunk/getinvolved/en/volunteer.wml	2014-02-03 15:29:08 UTC (rev 26580)
+++ website/trunk/getinvolved/en/volunteer.wml	2014-02-03 15:32:43 UTC (rev 26581)
@@ -424,7 +424,6 @@
 
     <p>
     <b>Project Ideas:</b><br />
-    <i><a href="#limitCapabilities">Run With Limited Capabilities</a></i><br />
     <i><a href="#torCleanup">Tor Codebase Cleanup</a></i><br />
     <i><a href="#httpsImpersonation">HTTPS Server Impersonation</a></i><br />
     <i><a href="#chutneyExpansion">Make Chutney Do More, More Reliably</a></i>
@@ -973,40 +972,6 @@
 
     </li>
 
-    <a id="limitCapabilities"></a>
-    <li>
-    <b>Run With Limited Capabilities</b>
-    <br>
-    Effort Level: <i>Medium to High</i>
-    <br>
-    Skill Level: <i>High</i>
-    <br>
-    Likely Mentors: <i>Nick (nickm)</i>
-    <p>
-    Many modern operating systems give a running program the ability to drop
-    capabilities that it no longer needs, and other ways for a program to run
-    pieces of itself in a sandbox with diminished privileges.
-    </p>
-
-    <p>
-    We'd like to do this with Tor, to improve its resistance to attacks.  The
-    easiest areas to address would be on systems like <a
-    href="https://lwn.net/Articles/475361/";>recent Linux kernels</a> that make
-    it easy to drop or restrict the set of syscalls that a program can invoke.
-    That's a great project, but probably not big enough for an internship just
-    on its own.  For that, we'd want to make progress on at least multiple
-    platforms, or look into refactoring Tor into pieces that need more
-    privileges and pieces that don't with an eye towards sandboxing them
-    differently.
-    </p>
-
-    <p>
-    See tickets <a href="https://trac.torproject.org/7005";>#7005</a> and <a
-    href="https://trac.torproject.org/5219";>#5219</a>, and their descendants,
-    for more information.
-    </p>
-    </li>
-
     <a id="torCleanup"></a>
     <li>
     <b>Tor Codebase Cleanup</b>

_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits