[tor-bugs] #20844 [Applications/Tor Browser Sandbox]: Inform me about sandbox violations

Tor Bug Tracker & Wiki blackhole at torproject.org
Mon Dec 5 03:40:27 UTC 2016


#20844: Inform me about sandbox violations
----------------------------------------------+-------------------------
 Reporter:  arma                              |          Owner:  yawning
     Type:  defect                            |         Status:  new
 Priority:  Medium                            |      Milestone:
Component:  Applications/Tor Browser Sandbox  |        Version:
 Severity:  Normal                            |     Resolution:
 Keywords:                                    |  Actual Points:
Parent ID:                                    |         Points:
 Reviewer:                                    |        Sponsor:
----------------------------------------------+-------------------------

Comment (by cypherpunks):

 >Apparently another option is that the kernel could send the process a
 SIGSYS signal. So in that case my browser would die with a sigsys signal,
 and I could conclude that apparently a sandbox violation occurred.
 If it's allowed to catch the signal, what's to stop a hijacked Firefox
 from ignoring it? The only signals which cannot be caught are `SIGKILL`
 and `SIGSTOP`. Others can be trapped or maliciously ignored.
 > "weird issues with x86 32 bit systems forgetting whitelisted syscalls"
 Why is it permitting x86_x32 syscalls? They have questionable benefits and
 a history of vulnerabilities. Firefox does not make use of the x32 ABI
 anyway.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/20844#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list