[tor-bugs] #5791 [Tor bundles/installation]: Gather apparmor/selinux/sandbox instructions for each component of TBB
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Wed May 9 01:02:53 UTC 2012
#5791: Gather apparmor/selinux/sandbox instructions for each component of TBB
--------------------------------------+-------------------------------------
Reporter: arma | Owner:
Type: project | Status: new
Priority: normal | Milestone: Sponsor Z: March 1, 2013
Component: Tor bundles/installation | Version:
Keywords: | Parent:
Points: | Actualpoints:
--------------------------------------+-------------------------------------
Comment(by mikeperry):
Replying to [comment:9 trams]:
> Note that one of the bigger issues with going apparmor/selinux is that
there is no way for the application to "opt-in" for the extra protection.
The user needs to load a profile or a module to get it contained. This
requires root privileges on the system.
Yeah, that rules them out for shipping with TBB, but they are still useful
to document because they are useful for testing purposes (#5767). In the
future, I envision a Volunteer QA team running auditing profiles to tell
them about disk leaks, proxy bypass, etc in new versions of TBB/Firefox
while testing against a suite of test pages we recommend (#5292), and also
during general usage.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/5791#comment:10>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list