[tor-bugs] #28358 [Core Tor/Tor]: Nyx forces Tor error: sandbox_getaddrinfo(): Bug: (Sandbox) failed to get address

Tor Bug Tracker & Wiki blackhole at torproject.org
Fri Dec 14 22:26:45 UTC 2018 

#28358: Nyx forces Tor error: sandbox_getaddrinfo(): Bug: (Sandbox) failed to get
address
--------------------------+------------------------------------
 Reporter:  wagon         |          Owner:  (none)
     Type:  defect        |         Status:  closed
 Priority:  Medium        |      Milestone:  Tor: 0.4.0.x-final
Component:  Core Tor/Tor  |        Version:  Tor: 0.3.4.9
 Severity:  Normal        |     Resolution:  fixed
 Keywords:  sandbox       |  Actual Points:
Parent ID:                |         Points:
 Reviewer:  dgoulet       |        Sponsor:
--------------------------+------------------------------------

Comment (by wagon):

 > Did some modification to make it work
 Let me ask more. As I see it
 [[https://gitweb.torproject.org/tor.git/tree/doc/tor.1.txt|here]],
 > When the `Sandbox` is 1, the following options can not be changed when
 tor is running:
 > ...
 > `ClientOnionAuthDir` (and any files in it won't reload on HUP signal).

 > Launching new Onion Services through the control port is not supported
 with current syscall sandboxing implementation.
 Does it mean that onionshare-like utilities will not work with sandboxed
 Tor? So, users have to choose to either (1) run Tor in insecure way with
 working secure file sharing or (2) run Tor in a secure way without file
 sharing at all. Sounds not good.

 What are the exact restrictions on v3 onions? So, on the fly:
 1. Auth for already existing onion services (added via filesystem) cannot
 be added, deleted or changed through `ControlPort` or through files (both
 on client side and on server side).
 3. New onion service (server side) cannot be added by either method:
 through files or through `Controlport`.
 4. No any means to deactivate already running onion service (on server
 side).
 Is it correct? In other words, no any change to configuration of onion
 service can be done on the fly (both on client side and on server side).

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/28358#comment:11>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list