[tor-talk] restricting output to the tor process, when using Tor browser

Mirimir mirimir at riseup.net
Wed Jan 29 00:09:00 UTC 2020

On 01/28/2020 04:21 AM, Nicolas Vigier wrote:
> On Mon, 27 Jan 2020, Mirimir wrote:
>> But, in a Debian VM running Tor browser, I found that the tor process is
>> running as the login user. And so iptables is totally useless.
>> However, it's apparently easy to start Tor browser as its own user,
>> using Micah Lee's torbrowser-launcher.[0] Is that a prudent solution?
>> 0)
>> https://medium.com/@jamesmacwhite/running-the-tor-browser-on-kali-linux-the-proper-way-d33a38b54e96
> I think what is on this page does not solve your issue as they run both
> the browser and the tor daemon (started by the browser) as the same user.

Oh, right. So I could allow output by whatever uid-owner I created, and
block all other users. That would prevent random malware from bypassing
Tor. But it wouldn't prevent compromised Tor browser from doing it.

So somehow I just need to have the tor process run as a unique user.

I created a user tbtor as described in the post that I cited, and tried
tweaking the Tor browser torrc:

> User tbtor

But the tor process crashes. I'm guessing that this is breaking the
process of starting as root, and dropping capabilities. But I'm not
sure, and in any case don't know how to fix it.

> What you can do is run tor using the debian tor package, and configure
> Tor Browser to use the system tor daemon (instead of starting its own):
> https://trac.torproject.org/projects/tor/wiki/doc/TorBrowser/Hacking#UsinganExistingTorProcess

I've read in Tor.SE that the Tor browser torrc is optimized. So using
tor with default torrc is less anonymous. I suppose that one could just
use the Tor browser torrc. But I guess that I'll play with it.

More information about the tor-talk mailing list