[tor-bugs] #16010 [Applications/Tor Browser]: Get a working content process sandbox for Tor Browser on Windows

Tor Bug Tracker & Wiki blackhole at torproject.org
Wed Apr 5 08:14:19 UTC 2017 

#16010: Get a working content process sandbox for Tor Browser on Windows
-------------------------------------------------+-------------------------
 Reporter:  gk                                   |          Owner:  tbb-
                                                 |  team
     Type:  task                                 |         Status:  new
 Priority:  High                                 |      Milestone:
Component:  Applications/Tor Browser             |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:  ff52-esr, tbb-gitian, tbb-security,  |  Actual Points:
  tbb-7.0-must, TorBrowserTeam201703,            |
  GeorgKoppen201703                              |
Parent ID:  #21147                               |         Points:
 Reviewer:                                       |        Sponsor:
                                                 |  Sponsor4
-------------------------------------------------+-------------------------

Comment (by gk):

 For posterity from Monday's meeting:
 {{{
 18:19:03 <tjr> I successfully built and ran a mingw build built off
 mozilla's esr52 with GeKo's patches from bug_21240 and the moz changeset
 used in that branch; then I did it again with an updated esr52 branch
 (which merged in the RegisterIdlePeriod commit). I had to add a single
 line patch to add an include to the up to date branch for some reason.
 18:19:10 <tjr> Then I took the same branch and compiled it with the
 sandbox. I used all the non-__try patches from
 https://bugzilla.mozilla.org/show_bug.cgi?id=1230910 (including the one
 that just annihilates SmartStub) AND I commented out all __try blocks so
 it should just crash immediately.
 18:19:16 <tjr> It turns out e10s was not enabled, so sandboxing (I
 believe) wasn't doing anything. youtube.com showed some messed up
 rendering on the homepage even without e10s/sbox though:
 http://imgur.com/a/7X8ZP
 18:19:30 <tjr> When I enabled it, the browser did not work at all. So
 something is breaking with regards to the sandbox. The debug build is
 blocked on the std::__throw issue
 (https://bugzilla.mozilla.org/show_bug.cgi?id=1332747). I will investigate
 a fix for that.
 18:19:39 <tjr> I also made a build trying out mingw's __try1 construct.
 This does not have the youtube artifact! But when I enable e10s it also
 doesn't work.
 }}}

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/16010#comment:20>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list