[tor-bugs] #24037 [Core Tor/Torsocks]: Use syscall blacklist rather than whitelist for torsocks
Tor Bug Tracker & Wiki
blackhole at torproject.org
Mon Dec 4 08:52:30 UTC 2017
#24037: Use syscall blacklist rather than whitelist for torsocks
-------------------------------+------------------------------
Reporter: cypherpunks | Owner: dgoulet
Type: enhancement | Status: needs_review
Priority: Medium | Milestone:
Component: Core Tor/Torsocks | Version:
Severity: Normal | Resolution:
Keywords: | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
-------------------------------+------------------------------
Comment (by cypherpunks):
>implement the first solution
Nice! 33 insertions, 576 deletions. Great to see an alternative that gets
rid of so much bad code. I'm working on the second solution myself (at
least once #24400 is resolved so `SocksPort` doesn't break on UNIX domain
sockets with the sandbox), but I think the two solutions can go hand in
hand, as the second solution, while more secure, is Linux-specific.
>that part probably needs review
I don't think this will be an issue once torsocks no longer uses a
whitelist. It seems to be more related to #24116, where the `mmap()`
wrapper requires using `mmap()` to initialize memory, but can't be
initialized until the syscall runs, resulting in a deadlock. There is no
danger security-wise to allowing that syscall.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/24037#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list