[tor-bugs] #3313 [Tor Client]: Security enhancement against malware for Tor

Tor Bug Tracker & Wiki torproject-admin at torproject.org
Mon May 30 18:10:28 UTC 2011 

#3313: Security enhancement against malware for Tor
-------------------------+--------------------------------------------------
 Reporter:  ioerror      |          Owner:  ioerror         
     Type:  enhancement  |         Status:  new             
 Priority:  normal       |      Milestone:                  
Component:  Tor Client   |        Version:  Tor: unspecified
 Keywords:               |         Parent:                  
   Points:               |   Actualpoints:                  
-------------------------+--------------------------------------------------
 I've written a small patch that helps disable ptracing Tor on modern Linux
 systems. It may also work on *BSD but I haven't tested it on anything
 except Ubuntu 11.04 on x86_64.

 Here's the git branch off of a very recent master:
 https://gitweb.torproject.org/ioerror/tor.git/shortlog/refs/heads/DisableDebuggerAttachment

 When this is running you'll not be able to attach to the Tor unless you're
 root, even if you're running Tor as the same user as gdb/strace/etc:

 {{{
 % gdb -p 31053
 GNU gdb (Ubuntu/Linaro 7.2-1ubuntu11) 7.2
 Copyright (C) 2010 Free Software Foundation, Inc.
 License GPLv3+: GNU GPL version 3 or later
 <http://gnu.org/licenses/gpl.html>
 This is free software: you are free to change and redistribute it.
 There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
 and "show warranty" for details.
 This GDB was configured as "x86_64-linux-gnu".
 For bug reporting instructions, please see:
 <http://www.gnu.org/software/gdb/bugs/>.
 Attaching to process 31053
 Could not attach to process.  If your uid matches the uid of the target
 process, check the setting of /proc/sys/kernel/yama/ptrace_scope, or try
 again as the root user.  For more details, see
 /etc/sysctl.d/10-ptrace.conf
 ptrace: Operation not permitted.
 }}}

 {{{
 % strace -p 31053
 attach: ptrace(PTRACE_ATTACH, ...): Operation not permitted
 Could not attach to process.  If your uid matches the uid of the target
 process, check the setting of /proc/sys/kernel/yama/ptrace_scope, or try
 again as the root user.  For more details, see
 /etc/sysctl.d/10-ptrace.conf
 }}}

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/3313>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list