[tor-bugs] #20844 [Applications/Tor Browser Sandbox]: Inform me about sandbox violations
Tor Bug Tracker & Wiki
blackhole at torproject.org
Mon Dec 5 03:40:27 UTC 2016
#20844: Inform me about sandbox violations
----------------------------------------------+-------------------------
Reporter: arma | Owner: yawning
Type: defect | Status: new
Priority: Medium | Milestone:
Component: Applications/Tor Browser Sandbox | Version:
Severity: Normal | Resolution:
Keywords: | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
----------------------------------------------+-------------------------
Comment (by cypherpunks):
>Apparently another option is that the kernel could send the process a
SIGSYS signal. So in that case my browser would die with a sigsys signal,
and I could conclude that apparently a sandbox violation occurred.
If it's allowed to catch the signal, what's to stop a hijacked Firefox
from ignoring it? The only signals which cannot be caught are `SIGKILL`
and `SIGSTOP`. Others can be trapped or maliciously ignored.
> "weird issues with x86 32 bit systems forgetting whitelisted syscalls"
Why is it permitting x86_x32 syscalls? They have questionable benefits and
a history of vulnerabilities. Firefox does not make use of the x32 ABI
anyway.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/20844#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list