#29819: Seccomp: sandbox crash on rt_sigaction with libseccomp 0.2.4
-----------------------------------+------------------------------------
 Reporter:  toralf                 |          Owner:  nickm
     Type:  defect                 |         Status:  assigned
 Priority:  Medium                 |      Milestone:  Tor: 0.4.0.x-final
Component:  Core Tor/Tor           |        Version:  Tor: unspecified
 Severity:  Normal                 |     Resolution:
 Keywords:  crash, linux, sandbox  |  Actual Points:
Parent ID:                         |         Points:  2-10
 Reviewer:                         |        Sponsor:
-----------------------------------+------------------------------------
Changes (by nickm):

 * points:  0.2 => 2-10

Comment:

 pege -- the EPERM idea seems plausible, if it works. Do you have time to
 try it out?

 Otherwise, the only workable idea I can think of is to rearchitect how we
 handle filesystem interactions in the sandbox. We should really have a
 trusted unsandboxed process whose job it is to open files for the main
 process, and pass them back over a pipe. This would let us support more
 sandboxing techniques, and allow us to throw out our immutable-string
 hacks.

 It would be a lot of work though, and I don't see where we have time to do
 it in our current roadmap.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/29819#comment:21>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
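The file-opening broker described in the comment above, sketched as an added example (not Tor code and not part of the ticket): an unsandboxed child opens files on request and hands the descriptor to the process that would be sandboxed. On Linux, descriptor passing needs a Unix-domain socket with SCM_RIGHTS, so the sketch uses a socketpair where the comment says pipe. The names `broker_serve`, `broker_open`, `demo` and the one-entry allowlist are assumptions made for illustration.

```c
#include <fcntl.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/wait.h>
#include <unistd.h>

/* Constructed one-entry allowlist; matched exactly, never by prefix. */
static const char ALLOWED[] = "/dev/null";
/* Unsandboxed broker: opens the allowlisted path read-only, passes the fd back. */
static void broker_serve(int sock) {
    char path[256], ok = 1;
    for (ssize_t n; (n = read(sock, path, sizeof path - 1)) > 0;) {
        path[n] = '\0';
        int fd = strcmp(path, ALLOWED) == 0 ? open(path, O_RDONLY) : -1;
        if (fd < 0) { send(sock, "", 1, 0); continue; } /* refused: 0 byte, no fd */
        union { struct cmsghdr h; char b[CMSG_SPACE(sizeof(int))]; } u = { .b = {0} };
        struct msghdr m = { .msg_iov = &(struct iovec){ &ok, 1 }, .msg_iovlen = 1,
                            .msg_control = u.b, .msg_controllen = sizeof u.b };
        struct cmsghdr *c = CMSG_FIRSTHDR(&m);
        c->cmsg_level = SOL_SOCKET; c->cmsg_type = SCM_RIGHTS;
        c->cmsg_len = CMSG_LEN(sizeof fd);
        memcpy(CMSG_DATA(c), &fd, sizeof fd);
        sendmsg(sock, &m, 0);
        close(fd); /* the receiver now holds its own copy */
    }
}
/* Sandboxed side: only socket send/receive calls, never open(). Returns fd or -1. */
static int broker_open(int sock, const char *path) {
    char ok = 0;
    int fd = -1;
    union { struct cmsghdr h; char b[CMSG_SPACE(sizeof(int))]; } u = { .b = {0} };
    struct msghdr m = { .msg_iov = &(struct iovec){ &ok, 1 }, .msg_iovlen = 1,
                        .msg_control = u.b, .msg_controllen = sizeof u.b };
    if (send(sock, path, strlen(path), MSG_NOSIGNAL) < 0 || recvmsg(sock, &m, 0) != 1) return -1;
    struct cmsghdr *c = CMSG_FIRSTHDR(&m);
    if (ok && c && c->cmsg_type == SCM_RIGHTS) memcpy(&fd, CMSG_DATA(c), sizeof fd);
    return fd;
}
/* Fork a broker, request `path` through it, and return the fd it hands back. */
int demo(const char *path) {
    int sv[2], fd;
    pid_t pid;
    if (socketpair(AF_UNIX, SOCK_SEQPACKET, 0, sv) < 0 || (pid = fork()) < 0) return -1;
    if (pid == 0) { close(sv[0]); broker_serve(sv[1]); _exit(0); }
    close(sv[1]); /* a real client would install its seccomp filter here */
    fd = broker_open(sv[0], path);
    close(sv[0]); /* EOF on the socket makes the broker exit */
    return waitpid(pid, NULL, 0) == pid ? fd : -1;
}
int main(void) { return demo("/dev/null") < 0; }
```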