[tor-bugs] #22794 [Applications/Tor Browser]: Don't open AF_INET/AF_INET6 sockets when AF_LOCAL is configured.
Tor Bug Tracker & Wiki
blackhole at torproject.org
Fri Feb 2 05:15:18 UTC 2018
#22794: Don't open AF_INET/AF_INET6 sockets when AF_LOCAL is configured.
-------------------------------------------------+-------------------------
Reporter: yawning | Owner:
| pospeselr
Type: defect | Status:
| needs_review
Priority: Medium | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Normal | Resolution:
Keywords: tbb-security, tbb-sandboxing, | Actual Points:
TorBrowserTeam201802R |
Parent ID: #20775 | Points:
Reviewer: | Sponsor:
-------------------------------------------------+-------------------------
Comment (by yawning):
Oh hey, I was right.
Regarding the patch:
* I'm not sure if checking that the URI scheme is file is the correct
long term fix (eg: #20337), but that bridge can be burnt when someone gets
there.
* Should this apply to OSX as well? I do not know how OSX's process
sandboxing stuff works, or what options it has for limiting what a process
can do.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/22794#comment:20>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list