On Sat, Jan 20, 2018 at 07:13:54PM +0000, clematis wrote: > Hello, > 'usewithtor' (torsocks) works fine with ftp and ssh but it will core > with lynx. > running: usewithtor lynx > will start lynx, resolve openbsd.org but core when trying to make the > http connection. > In /var/log/messages I get: /bsd: lynx[26197]: pledge "getpw", syscall 33 > > And running gdb lynx then core lynx.core: > --- > Reading symbols from /usr/libexec/ld.so...done. > > > Loaded symbols for /usr/libexec/ld.so > > > #0 access () at -:3 > > > 3 -: No such file or directory. > > > in - > > > Current language: auto; currently asm > --- > > same result using 'torsocks' directly and not 'usewithtor' or trying > lynx http://openbsd.org
I will reply mainly on the pledge aspect. The way torsocks is done is to replace some syscall/libc libary calls by other ones (by using LD_PRELOAD trick). The replaced functions are network related (connect(2) for example) in order to catch TCP connection and replacing it by another one wrapper on SOCKS protocol (connect to proxy, ask for particular terminaison point, and pass it to program stuff). It is some sort of MITM, but at the code program level. The pledge(2) policy done for lynx assumes a specific behaviour. By replacing some code by another, torsocks did some additional stuff not in the initial pledge policy (getting information on users with getpw family here), and the kernel detects this pledge violation. > Config: OpenBSD current + lynx-2.8.9pl16 + torsocks-1.2p4 > > Any idea on how to torify lynx? the simpler would be to use lynx options to connect to SOCKS proxy. I am unsure the current code has this possibility. But as it have HTTP proxy support, a way could be to have an HTTP proxy listener which forward its traffic to SOCKS upstream server. Polipo is a program of this kind (see socksParentProxy="localhost:9050" and socksProxyType=socks5 parameters on polipo config file). -- Sebastien Marie
