[tor-bugs] #5791 [Tor bundles/installation]: Gather apparmor/selinux/seatbelt profiles for each component of TBB
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Fri May 25 18:00:26 UTC 2012
#5791: Gather apparmor/selinux/seatbelt profiles for each component of TBB
--------------------------------------+-------------------------------------
Reporter: arma | Owner: cypherpunks
Type: project | Status: assigned
Priority: normal | Milestone: Sponsor Z: March 1, 2013
Component: Tor bundles/installation | Version:
Keywords: | Parent: #4522
Points: | Actualpoints:
--------------------------------------+-------------------------------------
Comment(by unknown):
Replying to [comment:18 mikeperry]:
> unknown: Do you have a working SELinux module for TBB yet? Even if it
only sort of works, it would be worth attaching for review. Pastebin also
works.
I've got nothing to show for it at the moment, sorry. I'm not an expert
or skillful SELinux user and have some good experience for using SELinux
on a servers in the past and bad for a desktops without deep knowledge of
it. Last time I return to using SELinux on my desktop and have more
positive results. I'll be glad to share any useful results with Torproject
immediately but going slow in this direction.
For iptables separation described before I use not only sg command to
starting TBB with another group. A two parallel running X-sessions is used
just adding two lines in /etc/gdm/gdm.conf
{{{
[servers]
0=Standard vt7
1=Standard vt8
}}}
AFAIK it works good for some types of nonproprietary videodrivers only.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/5791#comment:20>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list