[tor-bugs] #20283 [Applications/Tor Browser]: Tor Browser should run without a `/proc` filesystem.

Tor Bug Tracker & Wiki blackhole at torproject.org
Mon Oct 3 20:07:27 UTC 2016


#20283: Tor Browser should run without a `/proc` filesystem.
------------------------------------------+----------------------------
     Reporter:  yawning                   |      Owner:  tbb-team
         Type:  defect                    |     Status:  new
     Priority:  Medium                    |  Milestone:
    Component:  Applications/Tor Browser  |    Version:
     Severity:  Normal                    |   Keywords:  tbb-sandboxing
Actual Points:                            |  Parent ID:
       Points:                            |   Reviewer:
      Sponsor:                            |
------------------------------------------+----------------------------
 Currently Tor Browser crashes immediately on startup if a proc filesystem
 is not mounted on `/proc`.  This also affects the upstream Firefox code,
 so it technically is a Mozilla bug.

 {{{
 too much recursion
 Segmentation fault (core dumped)
 }}}

 `/proc` contains a large amount of information about the host system that
 can be used to fingerprint/identify users and additionally historically
 has been the source or part of many kernel security problems.

 While this problem can be mitigated by a MAC system (e.g. AppArmor) to
 constrain what Firefox can access under `/proc`, the ideal fix is for
 Firefox to support running without `/proc`, while degrading gracefully
 (there is no truly ubiquitous MAC system available on all common Linux
 distributions by default, and the problem is severe enough that it should
 be resolved correctly).

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/20283>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
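
One way an application can degrade gracefully when `/proc` is absent, as an added example that is not part of the ticket and is not Firefox or Tor Browser code. The ticket does not say which `/proc` files Firefox reads, so total RAM is an assumed stand-in, and all function names are hypothetical.

```c
#include <stdio.h>
#include <sys/vfs.h>      /* statfs(2) */
#include <sys/sysinfo.h>  /* sysinfo(2) */

/* Same value as PROC_SUPER_MAGIC in <linux/magic.h>. */
#define PROCFS_MAGIC 0x9fa0L

/* Return 1 only if `root` lives on a real procfs. A missing path, or an
 * ordinary directory placed at /proc, is treated as "no procfs". */
static int is_procfs(const char *root)
{
    struct statfs fs;
    if (statfs(root, &fs) != 0)
        return 0;
    return (long)fs.f_type == PROCFS_MAGIC;
}

/* Parse "MemTotal: <n> kB" from <root>/meminfo; 0 on any failure. */
static unsigned long long memtotal_from_proc(const char *root)
{
    char path[256], line[128];
    unsigned long long kb = 0;
    FILE *f;
    int n;

    if (!is_procfs(root))
        return 0;
    n = snprintf(path, sizeof path, "%s/meminfo", root);
    if (n < 0 || n >= (int)sizeof path)
        return 0;
    if ((f = fopen(path, "r")) == NULL)
        return 0;
    while (fgets(line, sizeof line, f))
        if (sscanf(line, "MemTotal: %llu kB", &kb) == 1)
            break;
    fclose(f);
    return kb * 1024ULL;
}

/* Total RAM in bytes: procfs when present, the sysinfo(2) syscall
 * otherwise, so a sandbox without /proc still gets an answer. */
unsigned long long total_ram_bytes(const char *proc_root)
{
    unsigned long long n = memtotal_from_proc(proc_root);
    struct sysinfo si;
    if (n != 0)
        return n;
    if (sysinfo(&si) != 0)
        return 0;
    return (unsigned long long)si.totalram * si.mem_unit;
}
```

Passing the procfs root as a parameter lets the fallback path be exercised on a host that does have `/proc` mounted.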