[tor-bugs] #16010 [Applications/Tor Browser]: Get a working content process sandbox for Tor Browser on Windows
Tor Bug Tracker & Wiki
blackhole at torproject.org
Fri Aug 11 11:28:56 UTC 2017
#16010: Get a working content process sandbox for Tor Browser on Windows
-------------------------------------------------+-------------------------
Reporter: gk | Owner: tbb-
| team
Type: task | Status:
| needs_information
Priority: Very High | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Major | Resolution:
Keywords: ff52-esr, tbb-e10s, tbb-gitian, | Actual Points:
tbb-security, TorBrowserTeam201708, |
GeorgKoppen201708 |
Parent ID: | Points:
Reviewer: | Sponsor:
| Sponsor4
-------------------------------------------------+-------------------------
Changes (by gk):
* status: new => needs_information
Comment:
I've made some test builds enabling content sandboxing, please test them
and report back in case things explode for you:
https://people.torproject.org/~gk/testbuilds/torbrowser-install-16010
-cs0_en-US.exe
https://people.torproject.org/~gk/testbuilds/torbrowser-install-16010
-cs0_en-US.exe.asc
The branch this build is based upon is
https://gitweb.torproject.org/user/gk/tor-browser.git/log/?h=bug_16010_v2
It has the patch in this bug applied and makes sure the sandbox is
compiled and its level is set to 0. Having it on level 0 does not do much
to make the browsing experience safer, but it's a good starting point for
making sure Tor Browser is running at all with sandboxing enabled adnd for
tightening it towards level 1 (and higher) step-by-step while fixing
issues as they come up.
The plan is to get as much of the level 1 mitigations enabled as fast as
possible isolating the problematic ones to get them fixed easier.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/16010#comment:45>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list