[tor-bugs] #20794 [Applications/Tor Browser Sandbox]: Track what mozilla is doing with their sandboxing efforts.
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sun Dec 18 03:10:02 UTC 2016
#20794: Track what mozilla is doing with their sandboxing efforts.
----------------------------------------------+-------------------------
Reporter: yawning | Owner: yawning
Type: task | Status: new
Priority: Medium | Milestone:
Component: Applications/Tor Browser Sandbox | Version:
Severity: Normal | Resolution:
Keywords: | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
----------------------------------------------+-------------------------
Comment (by cypherpunks):
It seems adding non-`USER_NS` is part of their plan:
https://bugzilla.mozilla.org/show_bug.cgi?id=1151624
I'm still a bit disgusted that they go this route, using unprivileged user
namespaces, rather than making use of `CAP_CHROOT` to enter a chroot. I
mean that's gotta be among the least dangerous capabilities.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/20794#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list