[tor-bugs] #20781 [Applications/Tor Browser Sandbox]: Figure out how to sandbox meek in a sensible way.

Tor Bug Tracker & Wiki blackhole at torproject.org
Sat Nov 26 00:34:23 UTC 2016


#20781: Figure out how to sandbox meek in a sensible way.
--------------------------------------------------+---------------------
     Reporter:  yawning                           |      Owner:  yawning
         Type:  enhancement                       |     Status:  new
     Priority:  Medium                            |  Milestone:
    Component:  Applications/Tor Browser Sandbox  |    Version:
     Severity:  Normal                            |   Keywords:
Actual Points:                                    |  Parent ID:
       Points:                                    |   Reviewer:
      Sponsor:                                    |
--------------------------------------------------+---------------------
 Right now `sandboxed-tor-browser` does not support meek at all.  This is
 suboptimal since it is popular.

 There's two ways forward from my perspective:

  * The correct fix would be to add code to spin up another sandbox
 container (since I do not think that even a neutered firefox process
 should live in the tor sandbox), for the meek helper firefox instance.

  * The quick and dirty way would be to use `meek_lite` since obfs4proxy is
 allowed, and shipped versions contain the code.  The downside is that it
 is even more distinct than meek usually is.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/20781>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list