[tor-bugs] #20283 [Applications/Tor Browser]: Tor Browser should run without a `/proc` filesystem.

Tor Bug Tracker & Wiki blackhole at torproject.org
Wed Mar 21 17:50:05 UTC 2018


#20283: Tor Browser should run without a `/proc` filesystem.
--------------------------------------+---------------------------
 Reporter:  yawning                   |          Owner:  pospeselr
     Type:  defect                    |         Status:  assigned
 Priority:  Medium                    |      Milestone:
Component:  Applications/Tor Browser  |        Version:
 Severity:  Normal                    |     Resolution:
 Keywords:  tbb-sandboxing            |  Actual Points:
Parent ID:  #20773                    |         Points:
 Reviewer:                            |        Sponsor:
--------------------------------------+---------------------------

Comment (by jld):

 If `SECCOMP_FILTER_FLAG_TSYNC` isn't available and `/proc/self/task` can't
 be listed, the sandbox can't start.  The process is already multithreaded,
 so we have to signal all the threads to tell them to apply seccomp, and we
 don't have access to the libc's internal list of threads (or the lock
 protecting it) so we have to ask the kernel via procfs.

 The single-threadedness check, however, has been removed in Firefox 60, as
 part of https://bugzilla.mozilla.org/show_bug.cgi?id=1401062.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/20283#comment:10>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
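
The dependency jld describes, sketched as an added example (not part of the ticket and not Firefox's sandbox code): probe whether the kernel accepts `SECCOMP_FILTER_FLAG_TSYNC`, otherwise fall back to listing `/proc/self/task`, and report that the sandbox cannot start when neither is available. The function names and the `strategy` enum are assumptions made for illustration; no filter is installed and no signals are sent.

```c
#define _GNU_SOURCE
#include <dirent.h>
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/syscall.h>
#include <linux/seccomp.h>

/* Hypothetical names for this example, not taken from Firefox. */
enum strategy { USE_TSYNC, USE_SIGNAL_BROADCAST, CANNOT_START };

/* Probe without installing a filter: the kernel rejects an unknown flag
 * with EINVAL before it reads the filter pointer, so EFAULT on a NULL
 * pointer means the TSYNC flag itself was accepted. */
int tsync_supported(void) {
    long r = syscall(SYS_seccomp, SECCOMP_SET_MODE_FILTER,
                     SECCOMP_FILTER_FLAG_TSYNC, NULL);
    return r == -1 && errno == EFAULT;
}

/* Ask the kernel for this process's thread IDs via procfs. Returns the
 * number of threads found (at most max are stored in out), or -1 when
 * /proc/self/task cannot be listed, e.g. no procfs in the sandbox. */
int list_task_tids(pid_t *out, int max) {
    DIR *d = opendir("/proc/self/task");
    if (!d) return -1;
    int n = 0;
    struct dirent *e;
    while ((e = readdir(d)) != NULL) {
        char *end;
        long tid = strtol(e->d_name, &end, 10);
        if (end == e->d_name || *end != '\0') continue; /* "." and ".." */
        if (n < max) out[n] = (pid_t)tid;
        n++;
    }
    closedir(d);
    return n;
}

/* TSYNC needs no thread list; the per-thread signal path does. */
enum strategy choose_strategy(int tsync, int ntasks) {
    if (tsync) return USE_TSYNC;
    return ntasks > 0 ? USE_SIGNAL_BROADCAST : CANNOT_START;
}

int main(void) {
    pid_t tids[64];
    int ts = tsync_supported(), n = list_task_tids(tids, 64);
    printf("tsync=%d tasks=%d strategy=%d\n", ts, n, choose_strategy(ts, n));
    return 0;
}
```

A result of `CANNOT_START` corresponds to the case in the comment: no TSYNC support and no listable `/proc/self/task`.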

