[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #31031 [Applications/Tor Browser]: Tor Browser trying to read /etc/machine-id on start

To: undisclosed-recipients: ;
Subject: Re: [tor-bugs] #31031 [Applications/Tor Browser]: Tor Browser trying to read /etc/machine-id on start
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Mon, 01 Jul 2019 08:49:37 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 01 Jul 2019 04:49:47 -0400
In-reply-to: <054.ea30697282c05473953ed331caae81ec@torproject.org>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <054.ea30697282c05473953ed331caae81ec@torproject.org>
Reply-to: no-reply@xxxxxxxxxxxxxx, tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#31031: Tor Browser trying to read /etc/machine-id on start
--------------------------------------+--------------------------
 Reporter:  rain-undefined            |          Owner:  tbb-team
     Type:  defect                    |         Status:  new
 Priority:  Medium                    |      Milestone:
Component:  Applications/Tor Browser  |        Version:
 Severity:  Normal                    |     Resolution:
 Keywords:                            |  Actual Points:
Parent ID:                            |         Points:
 Reviewer:                            |        Sponsor:
--------------------------------------+--------------------------
Changes (by gk):

 * cc: sysrqb (added)


Comment:

 sysrqb pointed to:
 {{{
 if (allowPulse) {
     // PulseAudio also needs access to read the $XAUTHORITY file (see
     // bug 1384986 comment #1), but that's already allowed for hybrid
     // GPU drivers (see above).
     policy->AddPath(rdonly, "/var/lib/dbus/machine-id");
   }
 }}}
 However, a bit above that we have:
 {{{
   bool allowPulse = false;
   bool allowAlsa = false;
   if (level < 4) {
 #ifdef MOZ_PULSEAUDIO
     allowPulse = true;
 #endif
 }}}
 If you look at the sandbox level in `about:config`
 `security.sandbox.content.level` gives you `4`. And even
 `GetEffectiveContentSandboxLevel()` (which determines `level`) seems to
 give `4` back:
 {{{
 #ifdef XP_LINUX
   // Level 4 and up will break direct access to audio.
   if (level > 3 && !Preferences::GetBool("media.cubeb.sandbox")) {
     level = 3;
   }
 #endif

   return level;
 }}}
 given that `media.cubeb.sandbox` is `true`.

 So, it seems that content at least is not the culprit here.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/31031#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Prev by Author: Re: [tor-bugs] #31079 [Applications/Tor Browser]: Update Mozilla gpg key
Next by Author: Re: [tor-bugs] #30549 [Applications/Tor Browser]: Add script to remove expired sub-keys from a keyring file
Previous by thread: Re: [tor-bugs] #15516 [Core Tor/Tor]: Consider rate-limiting INTRODUCE2 cells when under load
Next by thread: Re: [tor-bugs] #31031 [Applications/Tor Browser]: Tor Browser trying to read /etc/machine-id on start
Index(es):
- Author
- Thread