[tor-bugs] #20781 [Applications/Tor Browser Sandbox]: Figure out how to sandbox meek in a sensible way.

Tor Bug Tracker & Wiki blackhole at torproject.org
Sat Nov 26 18:33:46 UTC 2016


#20781: Figure out how to sandbox meek in a sensible way.
----------------------------------------------+-------------------------
 Reporter:  yawning                           |          Owner:  yawning
     Type:  enhancement                       |         Status:  new
 Priority:  Medium                            |      Milestone:
Component:  Applications/Tor Browser Sandbox  |        Version:
 Severity:  Normal                            |     Resolution:
 Keywords:  meek                              |  Actual Points:
Parent ID:                                    |         Points:
 Reviewer:                                    |        Sponsor:
----------------------------------------------+-------------------------

Comment (by yawning):

 I assume meek with firefox running as a helper will be affected by #20283
 since it is an upstream issue, and I just removed `/proc` from the tor
 container.

 Fixing this the right way is also going to be tricky since I'm fairly sure
 the tor container won't be able to see sockets from the meek container,
 and PTs don't support AF_LOCAL yet, so `sandboxed-tor-browser` probably
 will need to shuffle bytes back and forth between the two.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/20781#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list