[tor-commits] [sandboxed-tor-browser/master] Mostly revert 7ad0525c601aa45414f56193760e3d08dd9cdae4

yawning at torproject.org yawning at torproject.org
Fri Dec 9 00:50:44 UTC 2016 

commit 031521f8aebc75fb29d1b02f16125ed4a3d77647
Author: Yawning Angel <yawning at schwanenlied.me>
Date:   Fri Dec 9 00:49:11 2016 +0000

    Mostly revert 7ad0525c601aa45414f56193760e3d08dd9cdae4
    
    I forgot why I didn't do this in the first place, till I remembered that
    all my systems I've been testing on recently have USER_NS in one form or
    another.
---
 data/group                                         |  1 -
 data/passwd                                        |  1 -
 .../internal/sandbox/hugbox.go                     | 22 ++++++++++------------
 3 files changed, 10 insertions(+), 14 deletions(-)

diff --git a/data/group b/data/group
deleted file mode 100644
index cbaebb5..0000000
--- a/data/group
+++ /dev/null
@@ -1 +0,0 @@
-amnesia:x:1000:
diff --git a/data/passwd b/data/passwd
deleted file mode 100644
index bed4f72..0000000
--- a/data/passwd
+++ /dev/null
@@ -1 +0,0 @@
-amnesia:x:1000:1000:Debian Live User,,,:/home/amnesia:/bin/bash
diff --git a/src/cmd/sandboxed-tor-browser/internal/sandbox/hugbox.go b/src/cmd/sandboxed-tor-browser/internal/sandbox/hugbox.go
index 98b2ec7..c52c879 100644
--- a/src/cmd/sandboxed-tor-browser/internal/sandbox/hugbox.go
+++ b/src/cmd/sandboxed-tor-browser/internal/sandbox/hugbox.go
@@ -35,7 +35,7 @@ import (
 )
 
 type unshareOpts struct {
-	// user   bool
+	user   bool
 	ipc    bool
 	pid    bool
 	net    bool
@@ -46,10 +46,9 @@ type unshareOpts struct {
 func (u *unshareOpts) toArgs() []string {
 	var args []string
 
-	// A new user namespace is created unconditionally, so that gid/uids
-	// can be normalized.
-	args = append(args, "--unshare-user")
-
+	if u.user {
+		args = append(args, "--unshare-user")
+	}
 	if u.ipc {
 		args = append(args, "--unshare-ipc")
 	}
@@ -225,11 +224,10 @@ func (h *hugbox) run() (*exec.Cmd, error) {
 	if h.chdir != "" {
 		fdArgs = append(fdArgs, "--chdir", h.chdir)
 	}
-
-	fdArgs = append(fdArgs, "--uid", "1000")
-	fdArgs = append(fdArgs, "--gid", "1000")
-	h.assetFile("/etc/passwd", "passwd")
-	h.assetFile("/etc/group", "group")
+	passwdBody := fmt.Sprintf("amnesia:x:%d:%d:Debian Live User,,,:/home/amnesia:/bin/bash\n", os.Getuid(), os.Getgid())
+	groupBody := fmt.Sprintf("amnesia:x:%d:\n", os.Getgid())
+	h.file("/etc/passwd", []byte(passwdBody))
+	h.file("/etc/group", []byte(groupBody))
 
 	if h.fakeDbus {
 		h.setupDbus()
@@ -373,7 +371,7 @@ type bwrapInfo struct {
 func newHugbox() (*hugbox, error) {
 	h := &hugbox{
 		unshare: unshareOpts{
-			// user:   true,
+			user:   false, // No point, not enough USER_NS support.
 			ipc:    true,
 			pid:    true,
 			net:    true,
@@ -382,7 +380,7 @@ func newHugbox() (*hugbox, error) {
 		},
 		hostname:     "amnesia",
 		mountProc:    true,
-		runtimeDir:   filepath.Join("/run", "user", "1000"),
+		runtimeDir:   filepath.Join("/run", "user", fmt.Sprintf("%d", os.Getuid())),
 		homeDir:      "/home/amnesia",
 		pdeathSig:    syscall.SIGTERM,
 		standardLibs: true,

More information about the tor-commits mailing list