[tor-bugs] #29819 [Core Tor/Tor]: Seccomp: sandbox crash on rt_sigaction with libseccomp 0.2.4

Tor Bug Tracker & Wiki blackhole at torproject.org
Sat Dec 14 15:27:52 UTC 2019


#29819: Seccomp: sandbox crash on rt_sigaction with libseccomp 0.2.4
-----------------------------------+------------------------------------
 Reporter:  toralf                 |          Owner:  nickm
     Type:  defect                 |         Status:  assigned
 Priority:  Medium                 |      Milestone:  Tor: 0.4.0.x-final
Component:  Core Tor/Tor           |        Version:  Tor: unspecified
 Severity:  Normal                 |     Resolution:
 Keywords:  crash, linux, sandbox  |  Actual Points:
Parent ID:                         |         Points:  2-10
 Reviewer:                         |        Sponsor:
-----------------------------------+------------------------------------

Comment (by pege):

 Took a bit longer for me to get to test this but finally I found some
 time. So, as discussed (much) earlier, I created a patch to deny syscalls
 by means of EPERM (https://gitlab.com/pgerber/tor/commits/bug29819-2).

 I did some testing, in particular I've run my patch on an exit relay, on
 an non-exit relay, as a hidden service provider and as a client for some
 time. I came across some issues when reloading the config but couldn't
 find anything that worked before and broke or changed in behavior because
 of my patch or the update to libseccomp v0.2.4.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/29819#comment:23>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list