[tor-bugs] #20844 [Applications/Tor Browser Sandbox]: Inform me about sandbox violations
Tor Bug Tracker & Wiki
blackhole at torproject.org
Mon Dec 5 06:56:29 UTC 2016
#20844: Inform me about sandbox violations
----------------------------------------------+-------------------------
Reporter: arma | Owner: yawning
Type: defect | Status: new
Priority: Medium | Milestone:
Component: Applications/Tor Browser Sandbox | Version:
Severity: Normal | Resolution:
Keywords: | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
----------------------------------------------+-------------------------
Comment (by yawning):
Replying to [comment:3 cypherpunks]:
> If it's allowed to catch the signal, what's to stop a hijacked Firefox
from ignoring it? The only signals which cannot be caught are `SIGKILL`
and `SIGSTOP`. Others can be trapped or maliciously ignored.
I mean, right now, proscribed calls return ENOSYS. I was going to change
it to trapping, and returning ENOSYS from the handler, which, firefox is
free to ignore as it sees fit.
> > "weird issues with x86 32 bit systems forgetting whitelisted syscalls"
> Why is it permitting x86_x32 syscalls? They have questionable benefits
and a history of vulnerabilities. Firefox does not make use of the x32 ABI
anyway.
As in, 32 bit intel, on 32 bit systems, not X32.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/20844#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list