[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #24400 [Core Tor/Tor]: Seccomp filter incorrectly tries to act on strings, allowing sandbox bypass
#24400: Seccomp filter incorrectly tries to act on strings, allowing sandbox bypass
--------------------------+------------------------------------
Reporter: Sebastian | Owner: (none)
Type: defect | Status: new
Priority: Medium | Milestone: Tor: 0.3.3.x-final
Component: Core Tor/Tor | Version:
Severity: Major | Resolution:
Keywords: sandbox | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
--------------------------+------------------------------------
Comment (by cypherpunks):
It seems like trying to set things like `SocksPort` to a UNIX domain
socket will cause Tor to crash due to this bug. The path is whitelisted at
compile-time, so changing it results in a violation and a confusing error
suggesting that the path may not be readable.
Other affected parameters that are broken when the sandbox are in use
include:
`DirPortFrontPage`
`ServerDNSResolvConfFile`
`CookieAuthFile`
`ExtORPortCookieAuthFile`
And likely more.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/24400#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs