[tor-bugs] #25737 [Applications/Tor Browser]: Tor Browser's update check bypassed Tor once on macos, because of xpcproxy?
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sun Apr 8 09:55:33 UTC 2018
#25737: Tor Browser's update check bypassed Tor once on macos, because of xpcproxy?
--------------------------------------+--------------------------
Reporter: cypherpunks | Owner: tbb-team
Type: defect | Status: new
Priority: Medium | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Normal | Resolution:
Keywords: | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
--------------------------------------+--------------------------
Comment (by teor):
xpcproxy is a macOS system service involved in RPC setup:
https://developer.apple.com/legacy/library/documentation/Darwin/Reference/ManPages/man8/xpcproxy.8.html
Does Firefox use it to set up multiprocess mode?
Even if it does, it seems really unusual for a RPC process to be making
remote connections.
Do you know what the DNS query was for that IP address?
If you're using LittleSnitch as your application firewall, it sometimes
logs connections against the wrong process. If the underlying bug is a
kernel bug, then all application firewalls could be affected on macOS.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/25737#comment:7>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list