[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #8195 [Tor]: tor and capabilities
#8195: tor and capabilities
-------------------------------------------------+-------------------------
Reporter: weasel | Owner:
Type: enhancement | Status:
Priority: Medium | needs_revision
Component: Tor | Milestone: Tor:
Severity: Normal | 0.2.8.x-final
Keywords: tor-relay, security, 026-triaged-1, | Version:
026-deferrable, 027-triaged-1-out, | Resolution:
pre028-patch | Actual Points:
Parent ID: | Points: small
Sponsor: |
-------------------------------------------------+-------------------------
Comment (by yawning):
FreeBSD has `capsicum(4)`
(https://www.freebsd.org/cgi/man.cgi?query=capsicum&sektion=4) as far as
capabilities goes, but that's more along the lines of sandboxing than
Linux capabilities. We should support that eventually but it's orthogonal
to this, and none of the work here would carry over.
The existing state of PTs is somewhat better than it used to be since
calling `/usr/bin/setcap` works for about half the transports as an
alternative to port forwarding.
I'd vote to lorax this unless dgoulet is heavily invested in the code.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/8195#comment:26>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs