
Re: [tor-dev] Sandboxed Tor Browser should be officially developed



On Mon, Jul 16, 2018 at 01:32:19AM +0000, Matthew Finkel wrote:
> Hi Everyone,
> 
> We'll discuss this at a meeting next Tuesday, 24 July at 15:00 UTC in
> #tor-meeting on OTFC.

Reminder!

> 
> There was some discussion on the tbb-dev@ mailing list, but this meeting
> will cover the details, implementation plan, roadmap, timeline, etc
> (maybe we won't have enough time for all of these topics).
> 
> Please feel free to join the channel and watch and/or contribute
> productively. There will be logs available after the meeting, as well.
> 
> https://lists.torproject.org/pipermail/tbb-dev/2018-July/000874.html

We'll be discussing the available platform-specific features; some are
described (to some extent) in the above thread. Another option that
wasn't included was Docker-on-each-OS - at this point, Docker is
supported on some versions of Windows, Mac OS X and Linux. However,
this doesn't include all OS versions supported by Tor Browser, so we
must choose our sandboxing techniques carefully.

I believe we can use/abuse many of the same features used by Docker on
these systems when they are available, but we'll need a safe fallback
option when they aren't available (while still providing as much
protection as we can).

As Tom mentioned in his response on the tbb-dev@ thread, the Windows
container features are only available on Windows 10 Professional and
Enterprise editions - so we can't rely on them right now. The API is
completely undocumented, but we have reference implementations.
Containers on Mac OS X are provided through an OS-provided hypervisor
layer. This may be an interesting avenue we can explore[0]. On Linux,
Sandboxed Tor Browser remains a good example of what we can accomplish.

[0] https://github.com/mist64/xhyve

> 
> Thanks,
> Matt