[tor-bugs] #24979 [Core Tor/Torsocks]: torsocks could support ptrace sandboxing
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Jan 23 14:59:25 UTC 2018
#24979: torsocks could support ptrace sandboxing
-----------------------------------+---------------------
Reporter: Hello71 | Owner: dgoulet
Type: enhancement | Status: new
Priority: Low | Milestone:
Component: Core Tor/Torsocks | Version:
Severity: Normal | Keywords:
Actual Points: | Parent ID:
Points: | Reviewer:
Sponsor: |
-----------------------------------+---------------------
pros:
- 'fixes' SIP, suid, caps
- fixes static binaries
cons:
- kind of a pain to implement
- DNS would require actual parsing, which is apparently a hard problem
even for 'minimal' implementations:
https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-
dhcp.html. I think an initial hybrid implementation could punt on this,
and it would still fix the ugly hack of hardcoding SIP paths.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/24979>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list