[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] More tor browser sandboxing fun.



On Wed, Sep 21, 2016 at 5:33 AM, Yawning Angel <yawning@xxxxxxxxxxxxxxx> wrote:
> Where: https://git.schwanenlied.me/yawning/sandboxed-tor-browser

> X11 is a huge mess of utter fail. Since the sandboxed processes get direct access to the host X server, this is an exploitation vector.

Is anyone actually actively throwing the full audit gamut
at X11 these days, or is it still just one giant pile of 30 year
legacy waiting to explode?

> Really, just fuck off and leave me alone.

Oh no, the concept of one toplevel sig over a pile of embedded
sigs and infrastructure underneath, is useful. Kindof like
how signing a monotone or git repository is useful... a single
and simply checkable root from which all crap piles floweth.
_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev