[tor-bugs] #17521 [Core Tor/Tor]: Support capsicum(4) on FreeBSD
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Oct 3 18:58:11 UTC 2017
#17521: Support capsicum(4) on FreeBSD
-------------------------------------------------+-------------------------
Reporter: yawning | Owner:
| shawn.webb
Type: enhancement | Status:
| assigned
Priority: Medium | Milestone: Tor:
| unspecified
Component: Core Tor/Tor | Version: Tor:
| unspecified
Severity: Normal | Resolution:
Keywords: tor-relay, security, sandboxing, | Actual Points:
BSD, capsicum |
Parent ID: | Points:
Reviewer: | Sponsor:
-------------------------------------------------+-------------------------
Comment (by shawn.webb):
The problem is that seccomp2 uses a filtering approach. Essentially, once
you've whitelisted the things you want to access, you can call open(2),
socket(2), etc. at will and on demand.
Capsicum takes a completely different approach, one that's fully
incompatible with seccomp2. I've writting a PoC do demonstrate the
approach I'm taking with this ticket:
https://github.com/lattera/PoCs/tree/master/capsicum_fdpassing
Note that the code I've written in the Tor codebase has diverged quite a
bit from the PoC. The PoC is ugly code meant to serve as a brain dump and
code testing area.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17521#comment:11>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list