[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Firefox security bug (proxy-bypass) in current TBBs

On Fri, 4 May 2012 07:27:35 +0200
"Fabio Pietrosanti (naif)" <lists@xxxxxxxxxxxxxxx> wrote:

> > Any potential DNS-leakage can be prevented with iptables (Debian GNU/Linux way):
> Well, this can also be prevented if the "starter" of TBB would be a
> binary/executable rather than a shell script, and that binary executable
> would provide "LD_PRELOAD" tsocks like approach wrapping the connect().
> That way the entire TBB will run over the TBB_STARTER that will provide
> an "application-level" firewall that would prevent any kind of socket
> API to get-out directly.
> -naif
> _______________________________________________

An "application-level" firewall is an illusion of security. Procesess can be separated by owners
with users and groups but programs itself cannot be authenticated to iptables. 
That's a reason to exclude an "application-level" firewall options --owner --cmd-owner <program-name>
from the kernel iptables modules.

Stronger way to manage network connections associated to programs is SELinux security contexts or
similar security modules. Even a path based ACLs and MACs such as AppArmor can be avoided and failed 
and only strong security context isolation in SELinux is a right decision.

Or just simple use system groups with iptables: not so secure, not so strong.
tor-talk mailing list