[tor-bugs] #16579 [Tor]: (Sandbox) Caught a bad syscall attempt (syscall socket)
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Jul 15 00:41:17 UTC 2015
#16579: (Sandbox) Caught a bad syscall attempt (syscall socket)
-----------------------------+--------------------------------
Reporter: cypherpunks | Owner:
Type: defect | Status: new
Priority: normal | Milestone: Tor: 0.2.7.x-final
Component: Tor | Version: Tor: 0.2.7.1-alpha
Resolution: | Keywords: 026-backport
Actual Points: | Parent ID:
Points: |
-----------------------------+--------------------------------
Comment (by cypherpunks):
Thanks for feedback.
@nickm
we have may have a least two options:
* allow full socket() syscall at seccomp filter (I dont like it because
socket() can be used to leak data outside of tor process)
* check for seccomp=true && linux=true && syslog conf option && syslog
daemon not listening via fd and deal with that gracefully
Maybe it is possible to define socket() syscall _with_ explicit option
data at seccomp filter?
In the Meantime let's wait for Pluto pictures :)
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/16579#comment:9>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list