Tom Ritter tom at ritter.vg
Thu Mar 15 14:19:15 UTC 2018

45 seconds ago I just learned about the environment variable
MOZ_DISABLE_NONLOCAL_CONNECTIONS that we use in our testing
environment. It feeds through to one real location in the browser:

This isn't a sandbox. If an attacker has code execution (parent or
content process) they can make network connections manually from
system libraries and will never touch this code. But it might be a way
to add (some) assurance about browser features accidentally bypassing
the proxy.

So I'm wondering if this is something Tor Browser can set for defense
in depth. In fact, it's already in esr52:
 I tried to get Tor Browser to unset the proxy but couldn't seem to
get it to work; is there a patch that prevents this?

It would be interesting to remove the patches tagged
'tbb-proxy-bypass' (on https://torpat.ch/uplift) and see if this
prevented (some) of those.


More information about the tbb-dev mailing list