Hi,
Currently, starting Tor from a Python application using existing frameworks (such as txtorcon) provides limits related to the capabilities of sandboxing the application itself with AppArmor.
If you want to start Tor from your own application, then you must enable such an application to "execute" an external binary called /usr/bin/tor.
I'm wondering if anyone has ever tried to start Tor from a Python application using ctypes, to start the Tor "main()", placing the Tor process into a dedicated Python application thread.
That way it would be possible to sandbox the Python application using AppArmor without enabling any kind of execve() call.
Has anyone ever tried this?