[tor-bugs] #25737 [Applications/Tor Browser]: Tor Browser's update check bypassed Tor once on macos, because of xpcproxy?

Tor Bug Tracker & Wiki blackhole at torproject.org
Sun Apr 8 09:55:33 UTC 2018


#25737: Tor Browser's update check bypassed Tor once on macos, because of xpcproxy?
--------------------------------------+--------------------------
 Reporter:  cypherpunks               |          Owner:  tbb-team
     Type:  defect                    |         Status:  new
 Priority:  Medium                    |      Milestone:
Component:  Applications/Tor Browser  |        Version:
 Severity:  Normal                    |     Resolution:
 Keywords:                            |  Actual Points:
Parent ID:                            |         Points:
 Reviewer:                            |        Sponsor:
--------------------------------------+--------------------------

Comment (by teor):

 xpcproxy is a macOS system service involved in RPC setup:
 https://developer.apple.com/legacy/library/documentation/Darwin/Reference/ManPages/man8/xpcproxy.8.html

 Does Firefox use it to set up multiprocess mode?
 Even if it does, it seems really unusual for a RPC process to be making
 remote connections.
 Do you know what the DNS query was for that IP address?

 If you're using LittleSnitch as your application firewall, it sometimes
 logs connections against the wrong process. If the underlying bug is a
 kernel bug, then all application firewalls could be affected on macOS.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/25737#comment:7>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list