[tor-bugs] #20283 [Applications/Tor Browser]: Tor Browser should run without a `/proc` filesystem.
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Mar 20 01:57:09 UTC 2018
#20283: Tor Browser should run without a `/proc` filesystem.
--------------------------------------+---------------------------
 Reporter:  yawning                   |          Owner:  pospeselr
     Type:  defect                    |         Status:  assigned
 Priority:  Medium                    |      Milestone:
Component:  Applications/Tor Browser  |        Version:
 Severity:  Normal                    |     Resolution:
 Keywords:  tbb-sandboxing            |  Actual Points:
Parent ID:  #20773                    |         Points:
 Reviewer:                            |        Sponsor:
--------------------------------------+---------------------------
Comment (by yawning):

There are at least two issues that I know of that prevent running Firefox
without `/proc` mounted.

The first is that Firefox uses `/proc/self/task` to see if it spawned any
threads. The warning can be ignored on any kernel that supports
`SECCOMP_FILTER_FLAG_TSYNC` (>= 3.17), but may result in "bad" if the
kernel is old, and no, I do not remember what the bad is.

The second is that Firefox will crash with `too much recursion` if `/proc`
is not mounted. The culprit there is that Firefox will query the stack
size with `pthread_attr_getstack()` which will return a stack size of `0`,
if `/proc` is not mounted for the default thread (`tid == pid`).

Note that there may be other horrific things that happen, or other things
that break without `/proc`, but I was not able to find any at the time
that I cared about this. Finding and debugging such things is left as an
exercise for the student. Fixing this properly probably requires upstream
to care about this use case.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/20283#comment:9>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
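
Added example (not part of the ticket, and not Firefox or Tor Browser code): a defensive stack-size query for the second issue above, which treats a failed pthread query or a reported size of `0` as "unknown" and falls back to `RLIMIT_STACK`, which does not need `/proc`. The helper name `safe_stack_size`, the fallback policy and the 512 KiB default are assumptions made for illustration.

```c
#define _GNU_SOURCE
#include <pthread.h>
#include <stdio.h>
#include <sys/resource.h>

/* GNU extension; declared explicitly in case _GNU_SOURCE was set too late. */
extern int pthread_getattr_np(pthread_t thread, pthread_attr_t *attr);

/* Conservative default used only if every query fails (assumed value). */
#define FALLBACK_STACK_BYTES (512u * 1024u)

/*
 * Hypothetical helper: returns a usable stack size for the calling thread.
 * *from_pthread is set to 1 if the pthread query succeeded, 0 if we fell back.
 */
size_t safe_stack_size(int *from_pthread)
{
    pthread_attr_t attr;
    void *base = NULL;
    size_t size = 0;
    struct rlimit rl;

    *from_pthread = 0;
    /* Check every return value: a failed query must not be read as size 0. */
    if (pthread_getattr_np(pthread_self(), &attr) == 0) {
        int rc = pthread_attr_getstack(&attr, &base, &size);
        pthread_attr_destroy(&attr);
        if (rc == 0 && size != 0) {
            *from_pthread = 1;
            return size;
        }
    }
    /* Fallback that needs no /proc: the soft stack rlimit, if finite. */
    if (getrlimit(RLIMIT_STACK, &rl) == 0 && rl.rlim_cur != RLIM_INFINITY
        && rl.rlim_cur != 0)
        return (size_t)rl.rlim_cur;
    return FALLBACK_STACK_BYTES;
}

int main(void)
{
    int from_pthread;
    size_t size = safe_stack_size(&from_pthread);
    printf("stack size: %zu bytes (%s)\n", size,
           from_pthread ? "pthread query" : "fallback");
    return 0;
}
```

Running the same binary inside a sandbox without `/proc` and outside it shows which path was taken; a recursion limit derived from the returned value never sees `0`.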