[tor-bugs] #18397 [Tor]: `Sandbox 1` in Tor 0.2.7.6 should not filter `getsockopt` syscall
Tor Bug Tracker & Wiki
blackhole at torproject.org
Fri Feb 26 02:07:14 UTC 2016
#18397: `Sandbox 1` in Tor 0.2.7.6 should not filter `getsockopt` syscall
---------------------------+------------------------------------------
Reporter: fowlslegs | Owner:
Type: defect | Status: new
Priority: High | Milestone:
Component: Tor | Version: Tor: 0.2.7.6
Severity: Major | Keywords: seccomp, sandbox, getsockopt
Actual Points: | Parent ID:
Points: | Sponsor:
---------------------------+------------------------------------------
In Tor version 0.2.7.6 (git-605ae665009853bd) on Debian sid, setting
`Sandbox 1` in `torrc` filters the `getsockopt` syscall, which is
necessary for applications such as torsocks, xmpp-client, and TorBirdy.
This syscall should be re-un-blacklisted from the seccomp policy. I say
're' because I confirmed it works in Debian Jessie running version
0.2.7.6-1~d80.jessie+1.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18397>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list