[tor-bugs] #9460 [Tor bundles/installation]: Tor AppArmor profile prevents obfsproxy from starting

Tor Bug Tracker & Wiki blackhole at torproject.org
Fri Aug 23 15:33:45 UTC 2013


#9460: Tor AppArmor profile prevents obfsproxy from starting
--------------------------------------+-------------------------------------
 Reporter:  proper                    |          Owner:  weasel      
     Type:  defect                    |         Status:  needs_review
 Priority:  major                     |      Milestone:              
Component:  Tor bundles/installation  |        Version:              
 Keywords:                            |         Parent:  #5791       
   Points:                            |   Actualpoints:              
--------------------------------------+-------------------------------------
Changes (by proper):

  * status:  new => needs_review


Comment:

 Replying to [comment:3 weasel]:
 > I don't think Tor should have these privileges.  Putting the obfsproxy
 > profiles into tor just seems like a bad idea that won't scale.

 Ok.

 > I suspect the better way would be to allow starting obfsproxy in an
 > unconfined manner, if that's possible.

 It's possible. In that case, look for:

 {{{
   /{,var/}run/tor/control.authcookie.tmp rw,

   # Site-specific additions and overrides. See local/README for details.
   #include <local/system_tor>
 }}}

 Needs just one more line in between.


 {{{
   /{,var/}run/tor/control.authcookie.tmp rw,

   /usr/bin/obfsproxy Ux,

   # Site-specific additions and overrides. See local/README for details.
   #include <local/system_tor>
 }}}

 Quoted from http://wiki.apparmor.net/index.php/QuickProfileLanguage:

  * x - execute
   * ux - Execute unconfined (preserve environment) -- WARNING: should only be used in very special cases
   * Ux - Execute unconfined (scrub the environment)

 So that should do the trick. (Tested, works for me.)

 Replying to [comment:4 intrigeri]:
 > I agree with weasel that Tor should not have all privs obfsproxy needs:
 > else we're slowly defeating the whole idea of per-program confinement.

 Agreed.

 > It looks like either the Tor profile should start obfsproxy in an
 > unconfined manner,

 Ok. The change above should do it.

 > or (better) the obfsproxy package should ship with its own AppArmor
 > profile.

 I might create one, but please don't wait for me. If someone else has a
 smaller todo list and is faster, I am happy about that.

 > proper: by the way, it was almost pure chance that I was just pointed to
 > this bug report. If weasel prefers such issues being reported here instead
 > of on the Debian BTS, fine with me, but then you might want to point me at
 > / Cc: me AppArmor-related issues.

 Will do next time.

 Replying to [comment:5 weasel]:
 > The Debian BTS is the canonical and preferred means to report bugs
 > against the debian packages.  Not everybody realizes that.

 Well, I created one @ trac.torproject.org as well since #5791 isn't Debian
 specific. So I am unsure how both projects could benefit best from such
 discussions and proposed changes.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/9460#comment:6>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
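The comment above hinges on the difference between `ux` and `Ux`: both let the child run with no AppArmor profile at all, and only the upper-case form scrubs the environment before doing so. Because such rules are exactly the ones a reviewer of a profile wants to see at a glance, here is an added example (not code from the ticket, from Tor, or from the AppArmor project) that parses a small subset of the AppArmor file-rule grammar and lists every unconfined execute transition, worst first. The `SAMPLE_PROFILE`, the `/usr/bin/legacy-pt` path and the helper paths in it are constructed for the example; only `/usr/bin/obfsproxy Ux,` and the `control.authcookie.tmp` rule come from the thread.

```python
"""Audit an AppArmor profile body for unconfined execute transitions (ux / Ux).

Added example; not from the Trac ticket, Tor, or the AppArmor project.
It handles only file rules of the form
    [owner] /path perms,
which is enough to find execute rules and classify their mode.
"""
import re
from dataclasses import dataclass

# Constructed sample loosely resembling the system_tor profile in the ticket.
SAMPLE_PROFILE = """\
/usr/bin/tor {
  #include <abstractions/base>
  /usr/bin/tor mr,
  /var/lib/tor/ r,
  /var/lib/tor/** rwk,
  /{,var/}run/tor/control.authcookie.tmp rw,
  /usr/bin/obfsproxy Ux,
  # constructed: a transport started unconfined WITHOUT scrubbing the environment
  /usr/bin/legacy-pt ux,
  /usr/lib/tor/helper Px,
  /bin/sh ix,
  # Site-specific additions and overrides. See local/README for details.
  #include <local/system_tor>
}
"""

# A file rule: optional "owner" qualifier, a path (globs and {a,b} alternations
# allowed), a permission string, and the trailing comma.
RULE_RE = re.compile(r"^\s*(?:owner\s+)?(?P<path>/\S+)\s+(?P<perms>[a-zA-Z]+)\s*,\s*$")

# The execute part of a permission string: ix, px/Px, cx/Cx, ux/Ux and the
# fallback forms such as pix or pux. Lower-case qualifiers keep the caller's
# environment; upper-case ones scrub it.
EXEC_RE = re.compile(r"(?P<mode>[pPcCuU]{0,2}i?x)")


@dataclass
class ExecRule:
    path: str
    mode: str

    @property
    def unconfined(self) -> bool:
        # u / U means the child runs with no profile at all
        return "u" in self.mode.lower()

    @property
    def scrubs_environment(self) -> bool:
        return any(c.isupper() for c in self.mode)


def parse_exec_rules(profile_text: str) -> list[ExecRule]:
    """Return the execute rules found in profile_text, in file order."""
    rules = []
    for raw in profile_text.splitlines():
        line = raw.split("#", 1)[0]  # drop comments; #include lines become empty
        m = RULE_RE.match(line)
        if not m:
            continue  # profile header, closing brace, include, or blank line
        ex = EXEC_RE.search(m.group("perms"))
        if ex:
            rules.append(ExecRule(m.group("path"), ex.group("mode")))
    return rules


def unconfined_rules(profile_text: str) -> list[ExecRule]:
    """The subset of execute rules that drop confinement entirely."""
    return [r for r in parse_exec_rules(profile_text) if r.unconfined]


def audit(profile_text: str) -> list[str]:
    """Findings as text, environment-preserving (ux) rules listed first."""
    findings = []
    ordered = sorted(unconfined_rules(profile_text), key=lambda r: r.scrubs_environment)
    for r in ordered:
        env = "scrubbed" if r.scrubs_environment else "PRESERVED"
        findings.append(f"{r.path}: unconfined execute ({r.mode}), environment {env}")
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE_PROFILE):
        print(finding)
```

Run against a real profile body (for instance the contents of `/etc/apparmor.d/system_tor`) the script does not replace `apparmor_parser`, which is still what validates the syntax; it only answers the narrower review question of where a profile hands off to an unconfined child and whether the environment is scrubbed at that point.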

