[tor-bugs] #24198 [Core Tor/Tor]: (Sandbox) Caught a bad syscall attempt (syscall kill)
Tor Bug Tracker & Wiki
blackhole at torproject.org
Thu Nov 9 14:31:30 UTC 2017
#24198: (Sandbox) Caught a bad syscall attempt (syscall kill)
--------------------------+------------------------------------
Reporter: asn | Owner: (none)
Type: defect | Status: new
Priority: Medium | Milestone: Tor: 0.3.2.x-final
Component: Core Tor/Tor | Version: Tor: 0.3.2.4-alpha
Severity: Normal | Resolution:
Keywords: | Actual Points:
Parent ID: | Points: 0.1
Reviewer: | Sponsor:
--------------------------+------------------------------------
Comment (by dgoulet):
strace output in my case:
{{{
19360 openat(AT_FDCWD, "/etc/hosts", O_RDONLY|O_CLOEXEC) = 257
19360 --- SIGSYS {si_signo=SIGSYS, si_code=SYS_SECCOMP,
si_call_addr=0x7f7d90ab667e, si_syscall=__NR_openat,
si_arch=AUDIT_ARCH_X86_64} ---
}}}
It is the first file being opened _after_ the seccomp sandbox has been
applied. Our sandbox code only considers "open()" to touch that file:
{{{
OPEN("/etc/hosts");
}}}
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/24198#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list