[tor-bugs] #6937 [Tor Client]: SocksPipe or SocksSocket - an anonymous pipe to smoke network leakings bug out (of)
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Sun Sep 23 10:10:40 UTC 2012
#6937: SocksPipe or SocksSocket - an anonymous pipe to smoke network leakings bug
out (of)
-------------------------------------+--------------------------------------
Reporter: ioerror | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone: Tor: 0.2.4.x-final
Component: Tor Client | Version: Tor: unspecified
Keywords: security needs-proposal | Parent:
Points: | Actualpoints:
-------------------------------------+--------------------------------------
Comment(by rransom):
I should also add here that adding a crapload of unnecessary complexity to
everything other than AppArmor in order to make AppArmor look less
ineffective as a ‘security’ feature is utterly stupid. If AppArmor can't
block access to some AF_LOCAL sockets without blocking access to all of
them, then AppArmor needs to be fixed.
And then we'll finally be assured that TBB-Firefox on Linux can't do
anything worse than send a log of my keystrokes out over Tor and run and
control arbitrary GUI ‘apps’ on my X display. How comforting --
'''NOT'''.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/6937#comment:19>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list