[tor-bugs] #31031 [Applications/Tor Browser]: Tor Browser trying to read /etc/machine-id on start

Tor Bug Tracker & Wiki blackhole at torproject.org
Fri Jun 28 17:11:50 UTC 2019


#31031: Tor Browser trying to read /etc/machine-id on start
----------------------------+------------------------------------------
 Reporter:  rain-undefined  |          Owner:  tbb-team
     Type:  defect          |         Status:  new
 Priority:  Medium          |      Component:  Applications/Tor Browser
  Version:                  |       Severity:  Normal
 Keywords:                  |  Actual Points:
Parent ID:                  |         Points:
 Reviewer:                  |        Sponsor:
----------------------------+------------------------------------------
 Steps to reproduce:

 - Tor Browser from the official website
 - Download and enable the AppArmor profile from https://github.com/Whonix
 /apparmor-profile-torbrowser (you may need to modify 2 or 3 lines due to
 different naming, e.g. change `*-browser` to `*-browser*`)
 - Start TorBrowser
 - Inspect `/var/log/kern.log`

 You'll see a message like
 `Jun 29 01:23:45 debian kernel: [xxxxxx.xxxxxx] audit: type=1400
 audit(xxxxxxxxxx.xxx:xx): apparmor="DENIED" operation="open"
 profile="/**/*-browser*/Browser/firefox" name="/etc/machine-id" pid=xxxx
 comm="firefox.real" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0`

 Not sure if this behaviour is also present in Firefox, maybe test it when
 I have time.

 ---
 Debian 10 "Buster"
 Tor Browser 8.5.3
 AppArmor 2.13.2-10

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/31031>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list