commit f5dbc78776f413829085aa3fba2611214cc469ad Author: Yawning Angel yawning@schwanenlied.me Date: Sat Nov 26 08:37:25 2016 +0000

Bug #20773: Don't mount /proc in the tor container when no PTs.

While I'm being overly cautious about obfs4proxy, at least when bridges aren't in use, the tor container can do without /proc. --- src/cmd/sandboxed-tor-browser/internal/sandbox/application.go | 8 ++++++++ src/cmd/sandboxed-tor-browser/internal/sandbox/hugbox.go | 2 +- 2 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/src/cmd/sandboxed-tor-browser/internal/sandbox/application.go b/src/cmd/sandboxed-tor-browser/internal/sandbox/application.go index e676955..1e38adc 100644 --- a/src/cmd/sandboxed-tor-browser/internal/sandbox/application.go +++ b/src/cmd/sandboxed-tor-browser/internal/sandbox/application.go @@ -458,6 +458,14 @@ func RunTor(cfg *config.Config, torrc []byte) (cmd *exec.Cmd, err error) { h.stderr = logger if !cfg.Tor.UseBridges { h.seccompFn = installTorSeccompProfile + + // The tor daemon only uses this to calculate MaxMemInQueues, + // which is a relay thing, so this can safely be disabled. + // + // Not sure about what to do wrt pluggable transports yet, + // obfs4proxy seems to function fine, and the reads it does + // look innocent enough, but more investigation is needed. + h.mountProc = false } else { h.seccompFn = installBasicSeccompBlacklist } diff --git a/src/cmd/sandboxed-tor-browser/internal/sandbox/hugbox.go b/src/cmd/sandboxed-tor-browser/internal/sandbox/hugbox.go index a0b614b..2877d45 100644 --- a/src/cmd/sandboxed-tor-browser/internal/sandbox/hugbox.go +++ b/src/cmd/sandboxed-tor-browser/internal/sandbox/hugbox.go @@ -265,7 +265,7 @@ func (h *hugbox) run() (*exec.Cmd, error) { pendingWrites := [][]byte{argsBuf} pendingWrites = append(pendingWrites, h.fileData...)

- Debugf("sandbox: fdArgs: %v", h.args) + Debugf("sandbox: fdArgs: %v", fdArgs)

// Fork/exec. cmd.Start()