[tor-bugs] #34130 [Core Tor/Tor]: Tor won't start with seccomp sandbox when compiled with --enable-nss
Tor Bug Tracker & Wiki
blackhole at torproject.org
Fri May 8 21:37:09 UTC 2020
#34130: Tor won't start with seccomp sandbox when compiled with --enable-nss
-------------------------------------------+-------------------------------
Reporter: Jigsaw52 | Owner: (none)
Type: defect | Status: needs_review
Priority: Medium | Milestone: Tor:
| 0.4.4.x-final
Component: Core Tor/Tor | Version:
Severity: Normal | Resolution:
Keywords: nss sandbox seccomp backport? | Actual Points:
Parent ID: | Points:
Reviewer: nickm | Sponsor:
-------------------------------------------+-------------------------------
Comment (by Jigsaw52):
Replying to [comment:5 teor]:
> Replying to [comment:4 Jigsaw52]:
> > This bug exists since the --enable-nss flag was implemented in
tor-0.3.5.1-alpha.
> > I've updated the changes file.
> >
> > I can reproduce the problem on 0.3.5.1-alpha but this patch is not
enough to fix it in that version, it crashes with a call to setsockopt.
Some change in the sandbox rules for setsockopt or removal of code that
called setsockopt must have happened between this version and the current
master.
>
> Can you try 0.3.5.10 ?
>
> We've fixed some general seccomp sandbox bugs recently, like #29819 in
0.3.5.10.
I've tested it. The patch works on 0.3.5.10.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/34130#comment:6>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list