[tor-bugs] #22950 [Applications/Tor Browser Sandbox]: Filter out X11 root window property queries.
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Jul 19 06:18:53 UTC 2017
#22950: Filter out X11 root window property queries.
----------------------------------------------+-------------------------
 Reporter:  yawning                           | Owner:         yawning
 Type:      enhancement                       | Status:        new
 Priority:  Medium                            | Milestone:
 Component: Applications/Tor Browser Sandbox  | Version:
 Severity:  Normal                            | Resolution:
 Keywords:  sandbox-fingerprinting            | Actual Points:
 Parent ID:                                   | Points:
 Reviewer:                                    | Sponsor:
----------------------------------------------+-------------------------
Comment (by cypherpunks):
The problem with Xephyr is that you need to also use a MAC or chroot to
prevent the process from accessing the root X11 cookie, which is not as
easy as running Xephyr. It's certainly doable, but how many people are
going to do it?

I think a better idea is to use `XGrabKeyboard()` in Tor Browser, which
will prevent other applications from snooping on passwords being typed
into the browser. See
https://tronche.com/gui/x/xlib/input/XGrabKeyboard.html. Many
security-critical programs do this, like OpenSSH and GnuPG. We should
think of doing it here, too.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/22950#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online