[tbb-dev] Sandboxing Tor Browser - A New Beginning (?)

Yawning Angel yawning at schwanenlied.me
Fri Jul 6 16:12:50 UTC 2018


On 07/03/2018 06:03 PM, Matthew Finkel wrote:
> On GNU/Linux, we can use the namespacing and secure computing (Secure
> Computing) facilities in the kernel exposed to userspace. Sandboxed Tor Browser
> on Linux already shows how these can be combined and form a sandbox. In
> particular, we can use bubblewrap[14] as a setuid sandboxing helper (if user
> namespace is not enabled), if it is available. In addition, we can reduce the
> syscall surface area with Seccomp-BPF. CGroups provide a way for limiting the
> resources available within the sandbox. We may also want to manually
> proxy/filter other system functionality (X11).

On a side note, on Linux you could also use Flatpak if you:
 * Make 2 packages, one for the browser, one for tor + PTs.
 * Fix the browser to treat tor-button, NoScript, and HTTPSE along with
all the prefs as system components.  (As in, Tor Browser should be able
to be shipped without a default profile directory, and Do The Right Thing).

Regards,

-- 
Yawning Angel
