[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-bugs] #14976 [Tor Browser]: Make use of SOCKSSocket in Linux+Mac TBBs

Subject: [tor-bugs] #14976 [Tor Browser]: Make use of SOCKSSocket in Linux+Mac TBBs
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Fri, 20 Feb 2015 20:52:20 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 20 Feb 2015 15:52:28 -0500
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#14976: Make use of SOCKSSocket in Linux+Mac TBBs
-----------------------------------------+--------------------------
 Reporter:  mikeperry                    |          Owner:  tbb-team
     Type:  enhancement                  |         Status:  new
 Priority:  major                        |      Milestone:
Component:  Tor Browser                  |        Version:
 Keywords:  tbb-security, tbb-4.5-alpha  |  Actual Points:
Parent ID:                               |         Points:
-----------------------------------------+--------------------------
 #12585 just landed in Tor 0.2.6.3. It creates a UNIX filesystem socket
 that can be used instead of a TCP SOCKS port. This will allow us to
 disable all networking in the Tor Browser Firefox process, which would be
 a huge hardening improvement.

 We can add support one of two ways: an LD_PRELOAD approach that tries to
 replace all TCP socket activity with SOCKSSocket calls, or with a direct
 implementation in Firefox's SOCKS layer.

 I think I prefer the direct implementation in Firefox, because it will
 also let our sandboxing help test for proxy leaks in the Firefox code
 which may affect other platforms that don't support SOCKSSocket (like
 Windows), or systems that don't have a sandbox. The LD_PRELOAD approach
 won't do this for us.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/14976>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Follow-Ups:
- Re: [tor-bugs] #14976 [Tor Browser]: Make use of SOCKSSocket in Linux+Mac TBBs
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #14974 [Onionoo]: Onionoo should output full tor-exit-address
Next by Author: Re: [tor-bugs] #13375 [Tor Browser]: Let's ship a .desktop file in Tor Browser for Linux
Previous by thread: Re: [tor-bugs] #14255 [Tor Browser]: Conduct periodic regression tests of nsTransferable selection caching
Next by thread: Re: [tor-bugs] #14976 [Tor Browser]: Make use of SOCKSSocket in Linux+Mac TBBs
Index(es):
- Author
- Thread