#16010: Get a working content process sandbox for Tor Browser on Windows
 Reporter:  gk                                   |          Owner:  gk
     Type:  task                                 |         Status:
                                                 |  assigned
 Priority:  Very High                            |      Milestone:
Component:  Applications/Tor Browser             |        Version:
 Severity:  Major                                |     Resolution:
 Keywords:  ff52-esr, tbb-e10s, tbb-gitian,      |  Actual Points:
  tbb-security, TorBrowserTeam201708,            |
  GeorgKoppen201708                              |
Parent ID:                                       |         Points:
 Reviewer:                                       |        Sponsor:
                                                 |  Sponsor4
Changes (by gk):

 * status:  needs_information => assigned
 * owner:  tbb-team => gk


 Replying to [comment:46 cypherpunks]:
 > Not sure what to test here...
 > > Tor Browser is running at all with sandboxing enabled
 > Level 0 means it is disabled.

 Yes, content sandboxing is disabled since Firefox 49 that way (even though
 https://wiki.mozilla.org/Security/Sandbox is currently suggesting
 otherwise). What I meant was to test whether it runs with the big patch
 applied and the configure switch removed that disabled the sandbox
 explicitly. But it seems it does, good.

 > And at Level 1 it can't even start:
 > {{{
 > NS_ERROR_UNEXPECTED: Component returned failure code: 0x8000ffff
 [nsIScriptSecurityManager.getLoadContextCodebasePrincipal]  remote-
 > TypeError: frameLoader.tabParent is null[Learn More]  remote-
 > NS_ERROR_NOT_INITIALIZED: Component returned failure code: 0xc1f30001
 (NS_ERROR_NOT_INITIALIZED) [nsIMessageSender.sendAsyncMessage]  remote-
 > }}}

 Yes, that's what I am seeing as well. Thanks for confirming.

Ticket URL: <https://trac.torproject.org/projects/tor/ticket/16010#comment:47>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
tor-bugs mailing list

Reply via email to