[tor-bugs] #18397 [Core Tor/Tor]: `Sandbox 1` in Tor 0.2.7.6 should not filter `getsockopt` syscall
Tor Bug Tracker & Wiki
blackhole at torproject.org
Mon Jul 4 21:14:52 UTC 2016
#18397: `Sandbox 1` in Tor 0.2.7.6 should not filter `getsockopt` syscall
-------------------------------------------------+-------------------------
Reporter: fowlslegs | Owner: nickm
Type: defect | Status:
Priority: High | needs_information
Component: Core Tor/Tor | Milestone: Tor:
Severity: Major | 0.2.???
Keywords: seccomp, sandbox, getsockopt, | Version: Tor:
027-backport | 0.2.7.6
Parent ID: | Resolution:
Reviewer: | Actual Points:
| Points:
| Sponsor:
-------------------------------------------------+-------------------------
Comment (by Jigsaw52):
I was able to reproduce this issue with the following configuration:
OS: Ubuntu Server 16.04 64bits
Minimal virtual machine install option chosen when installing (F4 menu).
tor version: 0.2.7.6 (git-605ae665009853bd)
Packages installed:
tor
apparmor-profiles
apparmor-profiles-extra
Virtualization software: virtualbox 5.0.24
Host OS: Ubuntu Server 15.10 64bits
systemd uses the following command to start tor: /usr/bin/tor --defaults-
torrc /usr/share/tor/tor-service-defaults-torrc -f /etc/tor/torrc
--RunAsDaemon 0
tor is started under user debian-tor
The only changes in the torrc config file where:
- enabling debug log
- adding Sandbox 1
Relevant files (tor-service-defaults-torrc, torrc and debug.log) are
attached.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18397#comment:10>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list