[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-talk] Firefox security bug (proxy-bypass) in current TBBs
On Fri, 4 May 2012 07:27:35 +0200
"Fabio Pietrosanti (naif)" <lists@xxxxxxxxxxxxxxx> wrote:
> > Any potential DNS-leakage can be prevented with iptables (Debian GNU/Linux way):
> Well, this can also be prevented if the "starter" of TBB would be a
> binary/executable rather than a shell script, and that binary executable
> would provide "LD_PRELOAD" tsocks like approach wrapping the connect().
> That way the entire TBB will run over the TBB_STARTER that will provide
> an "application-level" firewall that would prevent any kind of socket
> API to get-out directly.
An "application-level" firewall is an illusion of security. Procesess can be separated by owners
with users and groups but programs itself cannot be authenticated to iptables.
That's a reason to exclude an "application-level" firewall options --owner --cmd-owner <program-name>
from the kernel iptables modules.
Stronger way to manage network connections associated to programs is SELinux security contexts or
similar security modules. Even a path based ACLs and MACs such as AppArmor can be avoided and failed
and only strong security context isolation in SELinux is a right decision.
Or just simple use system groups with iptables: not so secure, not so strong.
tor-talk mailing list