[tor-bugs] #20283 [Applications/Tor Browser]: Tor Browser should run without a `/proc` filesystem.

Tor Bug Tracker & Wiki blackhole at torproject.org
Thu Mar 29 07:35:19 UTC 2018


#20283: Tor Browser should run without a `/proc` filesystem.
--------------------------------------+---------------------------
 Reporter:  yawning                   |          Owner:  pospeselr
     Type:  defect                    |         Status:  assigned
 Priority:  Medium                    |      Milestone:
Component:  Applications/Tor Browser  |        Version:
 Severity:  Normal                    |     Resolution:
 Keywords:  tbb-sandboxing            |  Actual Points:
Parent ID:  #20773                    |         Points:
 Reviewer:                            |        Sponsor:
--------------------------------------+---------------------------

Comment (by gk):

 Replying to [comment:10 jld]:
 > If `SECCOMP_FILTER_FLAG_TSYNC` isn't available and `/proc/self/task`
 can't be listed, the sandbox can't start.  The process is already
 multithreaded, so we have to signal all the threads to tell them to apply
 seccomp, and we don't have access to the libc's internal list of threads
 (or the lock protecting it) so we have to ask the kernel via procfs.
 >
 > The single-threadedness check, however, has been removed in Firefox 60,
 as part of https://bugzilla.mozilla.org/show_bug.cgi?id=1401062.

 That#s actually #23915 and we should be good with that.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/20283#comment:14>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list