[tor-bugs] #5220 [Tor Client]: Intelligently use capabilities/privileges and drop what we don't need for Debian Gnu/Linux
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Fri Mar 2 20:06:49 UTC 2012
#5220: Intelligently use capabilities/privileges and drop what we don't need for
Debian Gnu/Linux
-------------------------+--------------------------------------------------
 Reporter:  ioerror      |          Owner:
     Type:  enhancement  |         Status:  needs_information
 Priority:  major        |      Milestone:  Tor: unspecified
Component:  Tor Client   |        Version:  Tor: unspecified
 Keywords:  security     |         Parent:  #5219
   Points:               |   Actualpoints:
-------------------------+--------------------------------------------------
Comment(by nickm):

> It would only have access to encrypted traffic coming in and out, no
> access to any keys, no access to the file system.

Do unix capabilities systems actually let you drop FS capabilities? As
near as I can tell, on Linux, the only stuff in capabilities(7) is stuff
that root is allowed to do.

Things like selinux and apparmor let you restrict programs more, but I
don't know if there's a good way for a process to restrict itself.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/5220#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
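An added illustration of the capabilities(7) point raised in the comment above (not code from the ticket or from Tor): a Linux process clears its effective, permitted and inheritable capability sets and then reopens a file it owns, which still succeeds because ordinary file access goes through the normal permission check rather than a capability. The function names and the scratch path under /tmp are this example's own.

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <linux/capability.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/syscall.h>
#include <unistd.h>

/* Read this process's effective and permitted capability masks (64 bits each). */
static int get_caps(unsigned long long *eff, unsigned long long *perm) {
    struct __user_cap_header_struct hdr = { _LINUX_CAPABILITY_VERSION_3, 0 };
    struct __user_cap_data_struct d[2] = {{0, 0, 0}, {0, 0, 0}};
    if (syscall(SYS_capget, &hdr, d) != 0) return -1;
    *eff = ((unsigned long long)d[1].effective << 32) | d[0].effective;
    *perm = ((unsigned long long)d[1].permitted << 32) | d[0].permitted;
    return 0;
}

/* Clear every capability set; lowering capabilities needs no privilege. */
static int drop_all_caps(void) {
    struct __user_cap_header_struct hdr = { _LINUX_CAPABILITY_VERSION_3, 0 };
    struct __user_cap_data_struct d[2] = {{0, 0, 0}, {0, 0, 0}};
    return (int)syscall(SYS_capset, &hdr, d);
}

/* Returns 1 if the process can still open a file it owns after all
 * capabilities are gone, 0 if it cannot, -1 on a setup error. */
int fs_access_survives_cap_drop(void) {
    char path[] = "/tmp/capdemoXXXXXX";   /* constructed scratch file */
    unsigned long long eff = ~0ULL, perm = ~0ULL;
    int fd = mkstemp(path);               /* created 0600, owned by us */
    if (fd < 0) return -1;
    close(fd);
    if (drop_all_caps() != 0 || get_caps(&eff, &perm) != 0 || eff || perm) {
        unlink(path);
        return -1;
    }
    fd = open(path, O_RDWR);              /* owner permission check only */
    int ok = fd >= 0;
    if (fd >= 0) close(fd);
    unlink(path);
    return ok;
}

int main(void) {
    printf("file access with no capabilities: %d\n", fs_access_survives_cap_drop());
    return 0;
}
```
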