[tbb-bugs] #8918 [Applications/Tor Browser]: Windows paging file contains Tor Browser Bundle filename

Tor Bug Tracker & Wiki blackhole at torproject.org
Tue Mar 7 08:01:27 UTC 2017

#8918: Windows paging file contains Tor Browser Bundle filename
 Reporter:  runa                      |          Owner:  tbb-team
     Type:  defect                    |         Status:  reopened
 Priority:  Medium                    |      Milestone:
Component:  Applications/Tor Browser  |        Version:
 Severity:  Normal                    |     Resolution:
 Keywords:  tbb-disk-leak             |  Actual Points:
Parent ID:                            |         Points:
 Reviewer:                            |        Sponsor:

Comment (by cypherpunks):

 Replying to [comment:5 gk]:
 > Please, don't invent new keywords out of the box and don't close tickets
 even if there is no obvious workaround or fix imaginable at the moment.
 Unless you encrypt all of Firefox's memory with an encryption key, and put
 that encryption key in non-paged memory, then you're not going to be able
 to keep all of Firefox off of the disk. Imagine how bad the performance
 hit for that would be! Forget the filename for the executable, everything
 in memory for Firefox is eligible to be paged out to the disk. Just like
 Linux's `mlock()`, Windows' `VirtualLock()` imposes a limit on how many
 pages you are allowed to lock per process. If Windows is anything at all
 like Linux in how it handles locked, non-paged memory (which I believe), I
 would have closed this ticket too.

 The real solution for Windows for the stated threat model is to run this
 in cmd.exe, running as Administrator, in order to encrypt the paging file
 with a key stored in memory:

 `fsutil behavior set EncryptPagingFile 1`

Ticket URL: <https://trac.torproject.org/projects/tor/ticket/8918#comment:6>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tbb-bugs mailing list