[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-bugs] #17936 [Torsocks]: torsocks fails open on Mac OS X 10.11
#17936: torsocks fails open on Mac OS X 10.11
--------------------------+---------------------
Reporter: hellais | Owner: dgoulet
Type: defect | Status: new
Priority: Medium | Milestone:
Component: Torsocks | Version:
Severity: Normal | Keywords:
Actual Points: | Parent ID:
Points: | Sponsor:
--------------------------+---------------------
I am running OSX 10.11 and since the update I just noticed that torsocks
is failing to torify connections.
Here are the details of my system:
{{{
$ torsocks --version
Torsocks 2.1.0
$ uname -a
Darwin XXX 15.0.0 Darwin Kernel Version 15.0.0: Sat Sep 19 15:53:46 PDT
2015; root:xnu-3247.10.11~1/RELEASE_X86_64 x86_64
$ sw_vers -productVersion
10.11.1
}}}
Doing a cursory search into what may be the causes for this problem it
seems like a security "feature" introduced in OSX 10.11 is to blame for
this behaviour called System Integrity Protection [1]. Looking around
there are other people complaining about the fact that
`DYLD_INSERT_LIBRARIES` doesn't work in OSX 10.11 [2].
This stackoverflow article does a nice summary of what can be done and
can't be done due to SIP: http://apple.stackexchange.com/questions/193368
/what-is-the-rootless-feature-in-el-capitan-really.
I am not sure what can be done to overcome this limitation in the latest
version of OSX, but I think that at least torsocks should implement a
check for the OSX version and if it's greater than 10.10 it fails closed
(without doing the non-torified request).
[1]
https://developer.apple.com/library/mac/documentation/Security/Conceptual/System_Integrity_Protection_Guide/Introduction/Introduction.html
[2] https://groups.google.com/a/chromium.org/forum/#!topic/crashpad-
dev/MafauT4BHSY
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17936>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs