Re: [tor-bugs] #22794 [Applications/Tor Browser]: Don't open AF_INET/AF_INET6 sockets when AF_LOCAL is configured.

[Tor Bug Tracker & Wiki]

#22794: Don't open AF_INET/AF_INET6 sockets when AF_LOCAL is configured.
-+-
 Reporter:  yawning  |  Owner:
 |  pospeselr
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  tbb-security, tbb-sandboxing,|  Actual Points:
  TorBrowserTeam201802R  |
Parent ID:  #20775   | Points:
 Reviewer:   |Sponsor:
 |  Sponsor4
-+-

Comment (by pospeselr):

 Bug for uplift has been created here:
 https://bugzilla.mozilla.org/show_bug.cgi?id=1441327

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22794 [Applications/Tor Browser]: Don't open AF_INET/AF_INET6 sockets when AF_LOCAL is configured.

[Tor Bug Tracker & Wiki]

#22794: Don't open AF_INET/AF_INET6 sockets when AF_LOCAL is configured.
-+-
 Reporter:  yawning  |  Owner:
 |  pospeselr
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  tbb-security, tbb-sandboxing,|  Actual Points:
  TorBrowserTeam201802R  |
Parent ID:  #20775   | Points:
 Reviewer:   |Sponsor:
 |  Sponsor4
-+-
Changes (by gk):

 * sponsor:   => Sponsor4


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22794 [Applications/Tor Browser]: Don't open AF_INET/AF_INET6 sockets when AF_LOCAL is configured.

[Tor Bug Tracker & Wiki]

#22794: Don't open AF_INET/AF_INET6 sockets when AF_LOCAL is configured.
-+-
 Reporter:  yawning  |  Owner:
 |  pospeselr
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  tbb-security, tbb-sandboxing,|  Actual Points:
  TorBrowserTeam201802R  |
Parent ID:  #20775   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by gk):

 * status:  needs_review => closed
 * resolution:   => fixed


Comment:

 Looks good to me and applied to `tor-browser-52.6.0esr-8.0-2` (commit
 eafaa94a613a326bd13234540fe88b86451ee3e9).

 Leaving the remaining things to Richard:

 1) Comment on #20337
 2) Open a bug in Mozilla's bug tracker and trying to get this patch
 upstreamed for ESR60.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22794 [Applications/Tor Browser]: Don't open AF_INET/AF_INET6 sockets when AF_LOCAL is configured.

[Tor Bug Tracker & Wiki]

#22794: Don't open AF_INET/AF_INET6 sockets when AF_LOCAL is configured.
-+-
 Reporter:  yawning  |  Owner:
 |  pospeselr
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-security, tbb-sandboxing,|  Actual Points:
  TorBrowserTeam201802R  |
Parent ID:  #20775   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by mcs):

 r=mcs
 The latest patch looks good to me, and it compiles and seems to work on
 macOS.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22794 [Applications/Tor Browser]: Don't open AF_INET/AF_INET6 sockets when AF_LOCAL is configured.

[Tor Bug Tracker & Wiki]

#22794: Don't open AF_INET/AF_INET6 sockets when AF_LOCAL is configured.
-+-
 Reporter:  yawning  |  Owner:
 |  pospeselr
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-security, tbb-sandboxing,|  Actual Points:
  TorBrowserTeam201802R  |
Parent ID:  #20775   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by pospeselr):

 Yeah so long as the seccomp policies for AF_INET6 socket creation doesn't
 kill the calling thread, the existing Firefox code gracefully handles
 socket creation failure.

 In the event that we want to enable such a strict policy for the sandbox
 the relevant code in nsSOCKSIOLayer.cpp's nsSOCKSIOLayerAddToSocket() can
 probably be safely refactored to ignore the IPv6 detection if the desired
 socket family is AF_LOCAL.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22794 [Applications/Tor Browser]: Don't open AF_INET/AF_INET6 sockets when AF_LOCAL is configured.

[Tor Bug Tracker & Wiki]

#22794: Don't open AF_INET/AF_INET6 sockets when AF_LOCAL is configured.
-+-
 Reporter:  yawning  |  Owner:
 |  pospeselr
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-security, tbb-sandboxing,|  Actual Points:
  TorBrowserTeam201802R  |
Parent ID:  #20775   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by pospeselr):

 * Attachment "0001-Bug-22794-Don-t-open-AF_INET-AF_INET6-sockets-
 when-A.patch" added.

 updated patch to also be enabled on macOS rather than just Linux

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22794 [Applications/Tor Browser]: Don't open AF_INET/AF_INET6 sockets when AF_LOCAL is configured.

[Tor Bug Tracker & Wiki]

#22794: Don't open AF_INET/AF_INET6 sockets when AF_LOCAL is configured.
-+-
 Reporter:  yawning  |  Owner:
 |  pospeselr
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-security, tbb-sandboxing,|  Actual Points:
  TorBrowserTeam201802R  |
Parent ID:  #20775   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by pospeselr):

 * Attachment "0001-Bug-22794-Don-t-open-AF_INET-AF_INET6-sockets-
 when-A.patch" removed.


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22794 [Applications/Tor Browser]: Don't open AF_INET/AF_INET6 sockets when AF_LOCAL is configured.

[Tor Bug Tracker & Wiki]

#22794: Don't open AF_INET/AF_INET6 sockets when AF_LOCAL is configured.
-+-
 Reporter:  yawning  |  Owner:
 |  pospeselr
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-security, tbb-sandboxing,|  Actual Points:
  TorBrowserTeam201802R  |
Parent ID:  #20775   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by mcs):

 Replying to [comment:20 yawning]:
 > Oh hey, I was right.
 >
 > Regarding the patch:
 >  * I'm not sure if checking that the URI scheme is file is the correct
 long term fix (eg: #20337), but that bridge can be burnt when someone gets
 there.

 Agreed. Richard, if we keep the `"file://"` prefix test, please add a
 comment to #20337 so we don't forget about this loose end.

 >  * Should this apply to OSX as well?  I do not know how OSX's process
 sandboxing stuff works, or what options it has for limiting what a process
 can do.

 I think we might as well apply the patch to OSX as well since it may be
 useful there. The not-really-awesome OSX sandboxing prototype that Kathy
 and I created a while ago does use the older mechanism of the ones that
 teor discussed (sandbox-exec).

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22794 [Applications/Tor Browser]: Don't open AF_INET/AF_INET6 sockets when AF_LOCAL is configured.

[Tor Bug Tracker & Wiki]

#22794: Don't open AF_INET/AF_INET6 sockets when AF_LOCAL is configured.
-+-
 Reporter:  yawning  |  Owner:
 |  pospeselr
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-security, tbb-sandboxing,|  Actual Points:
  TorBrowserTeam201802R  |
Parent ID:  #20775   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by yawning):

 For what it's worth, I'm of the opinion that the `AF_INET6` socket being
 created is probably fine, as long as the browser isn't rendered non-
 functional if `AF_INET6` isn't supported.

 This can be revisited if/when people want to write seccomp rules that will
 kill (rather than gently reject) proscribed calls, but I don't think
 that's realistic at the moment.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22794 [Applications/Tor Browser]: Don't open AF_INET/AF_INET6 sockets when AF_LOCAL is configured.

[Tor Bug Tracker & Wiki]

#22794: Don't open AF_INET/AF_INET6 sockets when AF_LOCAL is configured.
-+-
 Reporter:  yawning  |  Owner:
 |  pospeselr
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-security, tbb-sandboxing,|  Actual Points:
  TorBrowserTeam201802R  |
Parent ID:  #20775   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by teor):

 macOS legacy sandbox support has:
 {{{
  #include 
 ...
  kSBXProfileNoInternet  TCP/IP networking is prohibited.
 DEPRECATED.

  kSBXProfileNoNetwork   All sockets-based networking is
 pro-
 hibited.  DEPRECATED.
 }}}

 sandbox-exec is also legacy, but it works from the command line:
 https://paolozaino.wordpress.com/2015/10/20/maximum-security-and-privacy-
 using-mac-os-sandbox-and-tor-browser-bundle/

 Unfortunately, the replacement API doesn't seem to distinguish between
 TCP/IP and unix sockets. We'd need to do some testing.
 {{{
 com.apple.security.network.client

 Network socket for connecting to other machines

 com.apple.security.network.server

 Network socket for listening for incoming connections initiated by other
 machines
 }}}
 
https://developer.apple.com/library/content/documentation/Miscellaneous/Reference/EntitlementKeyReference/Chapters/EnablingAppSandbox.html#//apple_ref/doc/uid/TP40011195-CH4-SW9

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22794 [Applications/Tor Browser]: Don't open AF_INET/AF_INET6 sockets when AF_LOCAL is configured.

[Tor Bug Tracker & Wiki]

#22794: Don't open AF_INET/AF_INET6 sockets when AF_LOCAL is configured.
-+-
 Reporter:  yawning  |  Owner:
 |  pospeselr
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-security, tbb-sandboxing,|  Actual Points:
  TorBrowserTeam201802R  |
Parent ID:  #20775   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by yawning):

 Oh hey, I was right.

 Regarding the patch:
  * I'm not sure if checking that the URI scheme is file is the correct
 long term fix (eg: #20337), but that bridge can be burnt when someone gets
 there.
  * Should this apply to OSX as well?  I do not know how OSX's process
 sandboxing stuff works, or what options it has for limiting what a process
 can do.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22794 [Applications/Tor Browser]: Don't open AF_INET/AF_INET6 sockets when AF_LOCAL is configured.

[Tor Bug Tracker & Wiki]

#22794: Don't open AF_INET/AF_INET6 sockets when AF_LOCAL is configured.
-+-
 Reporter:  yawning  |  Owner:
 |  pospeselr
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-security, tbb-sandboxing,|  Actual Points:
  TorBrowserTeam201802R  |
Parent ID:  #20775   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by pospeselr):

 * keywords:  tbb-security, tbb-sandboxing, TorBrowserTeam201801 => tbb-
 security, tbb-sandboxing, TorBrowserTeam201802R
 * status:  assigned => needs_review


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22794 [Applications/Tor Browser]: Don't open AF_INET/AF_INET6 sockets when AF_LOCAL is configured.

[Tor Bug Tracker & Wiki]

#22794: Don't open AF_INET/AF_INET6 sockets when AF_LOCAL is configured.
-+-
 Reporter:  yawning  |  Owner:
 |  pospeselr
 Type:  defect   | Status:
 |  assigned
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-security, tbb-sandboxing,|  Actual Points:
  TorBrowserTeam201801   |
Parent ID:  #20775   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by pospeselr):

 * Attachment "0001-Bug-22794-Don-t-open-AF_INET-AF_INET6-sockets-
 when-A.patch" added.


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22794 [Applications/Tor Browser]: Don't open AF_INET/AF_INET6 sockets when AF_LOCAL is configured.

[Tor Bug Tracker & Wiki]

#22794: Don't open AF_INET/AF_INET6 sockets when AF_LOCAL is configured.
-+-
 Reporter:  yawning  |  Owner:
 |  pospeselr
 Type:  defect   | Status:
 |  assigned
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-security, tbb-sandboxing,|  Actual Points:
  TorBrowserTeam201801   |
Parent ID:  #20775   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by yawning):

 Really though, just look at `nsSOCKSIOLayer`.

  1. All outgoing SOCKS connections made by firefox start out their lives
 as `AF_INET` sockets. (Assumption, firefox code gives me a headache, but
 it matches the trace output).
  2. When firefox actually goes to connect to the proxy (`ConnectToProxy`),
 the `FixupAddressFamily` routine is called.
  3. `FixupAddressFamily` checks to see if the proxy actually is reachable
 via an `AF_INET` socket, and if not, opens a new file descriptor with the
 correct domain.

 What appears to have happened judging for a cursory inspection of the file
 history was:

   1. Back in the day, this was only expected to handle `AF_INET`, because
 "this IPng thing will never happen".
   2. When `AF_INET6` support was required, it was kludged on this way.
   3. When `AF_UNIX` (and Windows pipes or whatever that's also in the
 code) support was required, the kludge was enhanced.

 Which is great if the only reason you want something like `AF_UNIX` is to
 use `AF_UNIX` socket for the hell of it, and not so great if you want use
 something like seccomp to prohibit `AF_INET`.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22794 [Applications/Tor Browser]: Don't open AF_INET/AF_INET6 sockets when AF_LOCAL is configured.

[Tor Bug Tracker & Wiki]

#22794: Don't open AF_INET/AF_INET6 sockets when AF_LOCAL is configured.
-+-
 Reporter:  yawning  |  Owner:
 |  pospeselr
 Type:  defect   | Status:
 |  assigned
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-security, tbb-sandboxing,|  Actual Points:
  TorBrowserTeam201801   |
Parent ID:  #20775   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by yawning):

 Apparently someone really wanted to be able to see this with seccomp, so I
 attached a trivial program that uses libseccomp to initialize a filter
 that will reject `socket(AF_INET[6], ..., ...)` by SIGSYSing the thread.

 Usage:

  1. Compile it.
  2. Set the required env vars to get Tor Browser to talk to a external tor
 process over AF_UNIX sockets.
  3. Run it from the root of a tor browser installation (It calls
 `system("Browser/start-tor-browser");` because it's a trivial test case
 and I'm lazy).
  4. Watch in horror as nothing works.
  5. Run it with strace to see the socket thread traces ending abruptly
 with `+++ killed by SIGSYS +++`.

 The control port appears to work, but any attempt to use the socks port
 get stomped on, so I'm basically convinced that the root cause is the
 non-`AF_INET` socket support in `nsSOCKSIOLayer` being a steaming pile of
 shit.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22794 [Applications/Tor Browser]: Don't open AF_INET/AF_INET6 sockets when AF_LOCAL is configured.

[Tor Bug Tracker & Wiki]

#22794: Don't open AF_INET/AF_INET6 sockets when AF_LOCAL is configured.
-+-
 Reporter:  yawning  |  Owner:
 |  pospeselr
 Type:  defect   | Status:
 |  assigned
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-security, tbb-sandboxing,|  Actual Points:
  TorBrowserTeam201801   |
Parent ID:  #20775   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by yawning):

 * Attachment "seccomp-browser.c" added.

 seccomp based test case.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22794 [Applications/Tor Browser]: Don't open AF_INET/AF_INET6 sockets when AF_LOCAL is configured.

[Tor Bug Tracker & Wiki]

#22794: Don't open AF_INET/AF_INET6 sockets when AF_LOCAL is configured.
-+-
 Reporter:  yawning  |  Owner:
 |  pospeselr
 Type:  defect   | Status:
 |  assigned
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-security, tbb-sandboxing,|  Actual Points:
  TorBrowserTeam201801   |
Parent ID:  #20775   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by yawning):

 I looked at this a bit more writing an e-mail explaining the issue to
 pospeselr, and I strongly suspect that at least some of the behavior (the
 strace output) can be explained by this:

 https://github.com/mozilla/gecko-
 
dev/blob/1d9f00cb8d2088fccb7a611a34be655b9fa9fec1/netwerk/socket/nsSOCKSIOLayer.cpp#L601

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22794 [Applications/Tor Browser]: Don't open AF_INET/AF_INET6 sockets when AF_LOCAL is configured.

[Tor Bug Tracker & Wiki]

#22794: Don't open AF_INET/AF_INET6 sockets when AF_LOCAL is configured.
-+-
 Reporter:  yawning  |  Owner:
 |  pospeselr
 Type:  defect   | Status:
 |  assigned
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-security, tbb-sandboxing,|  Actual Points:
  TorBrowserTeam201801   |
Parent ID:  #20775   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by mcs):

 * cc: mcs (added)


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22794 [Applications/Tor Browser]: Don't open AF_INET/AF_INET6 sockets when AF_LOCAL is configured.

[Tor Bug Tracker & Wiki]

#22794: Don't open AF_INET/AF_INET6 sockets when AF_LOCAL is configured.
-+-
 Reporter:  yawning  |  Owner:
 |  pospeselr
 Type:  defect   | Status:
 |  assigned
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-security, tbb-sandboxing,|  Actual Points:
  TorBrowserTeam201801   |
Parent ID:  #20775   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by pospeselr):

 * owner:  tbb-team => pospeselr
 * status:  new => assigned


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22794 [Applications/Tor Browser]: Don't open AF_INET/AF_INET6 sockets when AF_LOCAL is configured.

[Tor Bug Tracker & Wiki]

#22794: Don't open AF_INET/AF_INET6 sockets when AF_LOCAL is configured.
-+-
 Reporter:  yawning  |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-security, tbb-sandboxing,|  Actual Points:
  TorBrowserTeam201707   |
Parent ID:  #20775   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by arthuredelstein):

 * cc: arthuredelstein (added)


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22794 [Applications/Tor Browser]: Don't open AF_INET/AF_INET6 sockets when AF_LOCAL is configured.

[Tor Bug Tracker & Wiki]

#22794: Don't open AF_INET/AF_INET6 sockets when AF_LOCAL is configured.
-+-
 Reporter:  yawning  |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-security, tbb-sandboxing,|  Actual Points:
  TorBrowserTeam201707   |
Parent ID:  #20775   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by gk):

 * keywords:  tbb-security, tbb-sandboxing => tbb-security, tbb-sandboxing,
 TorBrowserTeam201707


Comment:

 Hm, I wonder what is going on here. Putting it on our radar.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22794 [Applications/Tor Browser]: Don't open AF_INET/AF_INET6 sockets when AF_LOCAL is configured.

[Tor Bug Tracker & Wiki]

#22794: Don't open AF_INET/AF_INET6 sockets when AF_LOCAL is configured.
--+--
 Reporter:  yawning   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-security, tbb-sandboxing  |  Actual Points:
Parent ID:  #20775| Points:
 Reviewer:|Sponsor:
--+--
Changes (by intrigeri):

 * cc: intrigeri (added)


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22794 [Applications/Tor Browser]: Don't open AF_INET/AF_INET6 sockets when AF_LOCAL is configured.

[Tor Bug Tracker & Wiki]

#22794: Don't open AF_INET/AF_INET6 sockets when AF_LOCAL is configured.
--+--
 Reporter:  yawning   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-security, tbb-sandboxing  |  Actual Points:
Parent ID:  #20775| Points:
 Reviewer:|Sponsor:
--+--
Changes (by yawning):

 * owner:  yawning => tbb-team
 * component:  Applications/Tor Browser Sandbox => Applications/Tor Browser


Comment:

 It also helps if I file this against the correct component.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs