[tor-bugs] #20879 [Applications/Tor Browser Sandbox]: Set rlimits in the containers.

Mon Dec 5 10:43:37 UTC 2016

#20879: Set rlimits in the containers.
----------------------------------------------+-------------------------
 Reporter:  yawning                           |          Owner:  yawning
     Type:  enhancement                       |         Status:  new
 Priority:  Medium                            |      Milestone:
Component:  Applications/Tor Browser Sandbox  |        Version:
 Severity:  Normal                            |     Resolution:
 Keywords:                                    |  Actual Points:
Parent ID:                                    |         Points:
 Reviewer:                                    |        Sponsor:
----------------------------------------------+-------------------------

Comment (by yawning):

 First pass: https://gitweb.torproject.org/tor-browser/sandboxed-tor-
 browser.git/commit/?id=82fcc3247c878cff63bbf34fe0c397638a232bde

 I lower the soft/hard limits to:
 {{{
   RLIMIT_STACK = 512 * 1024
   RLIMIT_RSS = 0
   RLIMIT_NPROC = 512
   RLIMIT_NOFILE = 1024
   RLIMIT_MLOCK = 0  // Now proscribed via seccomp() as well.
   RLIMIT_LOCKS = 32
   RLIMIT_SIGPENDING = 64
   RLIMIT_MSGQUEUE = 0
   RLIMIT_NICE = 0
   RLIMIT_RTPRIO = 0
   RLIMIT_RTTIME = 0
 }}}

 I can probably go lower with NPROC/NOFILE, but erred on the side of
 setting hte limits somewhat conservatively.

 As far as `AS`, `DATA`, and `FSIZE` go, I agree that they should be set
 *somehow* and I like your idea of applying soft limits, with UI
 integration.  In general the sandbox needs more UI feedback (#20844), but
 I really need to think about all of this, so the initial release probably
 won't ship with them set, sorry.

 At least things can only improve from here...

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/20879#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online