[tor-bugs] #31031 [Applications/Tor Browser]: Tor Browser trying to read /etc/machine-id on start
Tor Bug Tracker & Wiki
blackhole at torproject.org
Fri Jun 28 17:11:50 UTC 2019
#31031: Tor Browser trying to read /etc/machine-id on start
----------------------------+------------------------------------------
Reporter: rain-undefined | Owner: tbb-team
Type: defect | Status: new
Priority: Medium | Component: Applications/Tor Browser
Version: | Severity: Normal
Keywords: | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
----------------------------+------------------------------------------
Steps to reproduce:
- Tor Browser from the official website
- Download and enable the AppArmor profile from https://github.com/Whonix
/apparmor-profile-torbrowser (you may need to modify 2 or 3 lines due to
different naming, e.g. change `*-browser` to `*-browser*`)
- Start TorBrowser
- Inspect `/var/log/kern.log`
You'll see a message like
`Jun 29 01:23:45 debian kernel: [xxxxxx.xxxxxx] audit: type=1400
audit(xxxxxxxxxx.xxx:xx): apparmor="DENIED" operation="open"
profile="/**/*-browser*/Browser/firefox" name="/etc/machine-id" pid=xxxx
comm="firefox.real" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0`
Not sure if this behaviour is also present in Firefox, maybe test it when
I have time.
---
Debian 10 "Buster"
Tor Browser 8.5.3
AppArmor 2.13.2-10
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/31031>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list