[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #12820 [Tor bundles/installation]: Test+Recommend Tor Browser with Enhanced Mitigation Experience Toolkit
#12820: Test+Recommend Tor Browser with Enhanced Mitigation Experience Toolkit
-------------------------------------+-------------------------------------
Reporter: mikeperry | Owner: erinn
Type: project | Status: accepted
Priority: normal | Milestone:
Component: Tor | Version:
bundles/installation | Keywords: tbb-security, tbb-isec-
Resolution: | report
Actual Points: | Parent ID:
Points: |
-------------------------------------+-------------------------------------
Comment (by cypherpunks):
I have been using EMET with Tor Browser (Firefox) for about a year. I
haven't experienced any problem.
My current firefox (tor browser) configuration includes latest EMET 5.0
with the new EAF+ feature. The following is from the Popular Software.xml
that comes with EMET. This code is applied on top of the default
protection rules. I think to enter specific EAF+ modules, it must be
imported from an xml file, because there isn't a place to enter the eaf
modules on the GUI, only checkboxes.
{{{
<Vendor Name="Mozilla">
<Suite Name="FireFox" Arch="x86">
<App Name="Browser" Path="*\Mozilla Firefox\firefox.exe">
<Mitigation Name="EAF+" Enabled="true">
<eaf_modules>mozjs.dll;xul.dll</eaf_modules>
</Mitigation>
</App>
<App Name="Plugin container" Path="*\Mozilla Firefox\plugin-
container.exe"/>
</Suite>
</Vendor>
}}}
Since I'm ok with using wildcards on EMET for most exes, this is the code
from my edited xml which supports all firefox instances including
(multiple and/or simultaneous) Tor Browsers.
{{{
<Vendor Name="Mozilla">
<Suite Name="FireFox" Arch="x86">
<App Name="Browser" Path="*\firefox.exe">
<Mitigation Name="EAF+" Enabled="true">
<eaf_modules>mozjs.dll;xul.dll</eaf_modules>
</Mitigation>
</App>
<App Name="Plugin container" Path="*\plugin-container.exe"/>
</Suite>
</Vendor>
}}}
I also have been using and never encountered a problem with *\tor.exe and
*\Start Tor Browser.exe
Is there anything else (eaf+ and asr modules) that could be added to above
rules to further harden Tor or Tor Browser?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/12820#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs