[tor-bugs] #29819 [Core Tor/Tor]: Seccomp: sandbox crash on rt_sigaction with libseccomp 0.2.4

Tor Bug Tracker & Wiki blackhole at torproject.org
Thu Apr 18 14:44:01 UTC 2019 

#29819: Seccomp: sandbox crash on rt_sigaction with libseccomp 0.2.4
-----------------------------------+------------------------------------
 Reporter:  toralf                 |          Owner:  nickm
     Type:  defect                 |         Status:  assigned
 Priority:  Medium                 |      Milestone:  Tor: 0.4.0.x-final
Component:  Core Tor/Tor           |        Version:  Tor: unspecified
 Severity:  Normal                 |     Resolution:
 Keywords:  crash, linux, sandbox  |  Actual Points:
Parent ID:                         |         Points:  0.2
 Reviewer:                         |        Sponsor:
-----------------------------------+------------------------------------

Comment (by toralf):

 I applied the 2.4.0..2.4.1 diff here at a stable Gentoo hardened and got
 not
 {{{
 t44 /etc/portage/patches/sys-libs/libseccomp-2.4.0 # tail -f
 /tmp/notice.log
 Apr 18 16:40:34.000 [notice] Bootstrapped 20% (onehop_create):
 Establishing an encrypted directory connection
 Apr 18 16:40:34.000 [notice] Bootstrapped 25% (requesting_status): Asking
 for networkstatus consensus
 Apr 18 16:40:34.000 [notice] Bootstrapped 30% (loading_status): Loading
 networkstatus consensus
 Apr 18 16:40:34.000 [notice] I learned some more directory information,
 but not enough to build a circuit: We have no usable consensus.
 Apr 18 16:40:34.000 [notice] Bootstrapped 40% (loading_keys): Loading
 authority key certs
 Apr 18 16:40:34.000 [warn] Could not open "/var/lib/tor/data/unverified-
 microdesc-consensus" for mmap(): Permission denied
 Apr 18 16:40:34.000 [notice] I learned some more directory information,
 but not enough to build a circuit: We have no usable consensus.
 Apr 18 16:40:44.000 [notice] Application request when we haven't used
 client functionality lately. Optimistically trying directory fetches
 again.
 Apr 18 16:40:47.000 [notice] Application request when we haven't used
 client functionality lately. Optimistically trying directory fetches
 again.
 Apr 18 16:40:47.000 [notice] Application request when we haven't used
 client functionality lately. Optimistically trying directory fetches
 again.
 }}}
 The perms are:
 {{{
 t44 /etc/portage/patches/sys-libs/libseccomp-2.4.0 # ls -l
 /var/lib/tor/data/
 total 12108
 -rw------- 1 tor tor   20442 Apr 18 16:40 cached-certs
 -rw------- 1 tor tor 2110905 Apr 18 16:16 cached-microdesc-consensus
 -rw------- 1 tor tor 5965233 Apr 11 18:20 cached-microdescs
 -rw------- 1 tor tor 2163133 Apr 18 16:17 cached-microdescs.new
 -rw------- 1 tor tor      32 Apr 18 16:40 control_auth_cookie
 drwx------ 1 tor tor     224 Aug 18  2017 keys
 -rw------- 1 tor tor       0 Apr 18 16:40 lock
 -rw------- 1 tor tor   12212 Apr 18 16:40 state
 -rw------- 1 tor tor 2111522 Apr 18 16:40 unverified-microdesc-consensus
 }}}

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/29819#comment:20>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list