[tor-commits] [sandboxed-tor-browser/master] Bug #20773: Don't mount /proc in the tor container even with PTs.
yawning at torproject.org
Sat Nov 26 18:23:57 UTC 2016
commit db09c0bb793c705a13e275dc6d52eed70ca95c80
Author: Yawning Angel <yawning at schwanenlied.me>
Date: Sat Nov 26 18:22:10 2016 +0000
Bug #20773: Don't mount /proc in the tor container even with PTs.
Looking at the Go 1.7.3 source code, all of the usages of `/proc` by
obfs4proxy either shouldn't get called, or have graceful failure modes.
---
.../internal/sandbox/application.go | 21 +++++++++++++--------
1 file changed, 13 insertions(+), 8 deletions(-)
diff --git a/src/cmd/sandboxed-tor-browser/internal/sandbox/application.go b/src/cmd/sandboxed-tor-browser/internal/sandbox/application.go
index 1e38adc..0908af1 100644
--- a/src/cmd/sandboxed-tor-browser/internal/sandbox/application.go
+++ b/src/cmd/sandboxed-tor-browser/internal/sandbox/application.go
@@ -458,19 +458,24 @@ func RunTor(cfg *config.Config, torrc []byte) (cmd *exec.Cmd, err error) {
h.stderr = logger
if !cfg.Tor.UseBridges {
h.seccompFn = installTorSeccompProfile
-
- // The tor daemon only uses this to calculate MaxMemInQueues,
- // which is a relay thing, so this can safely be disabled.
- //
- // Not sure about what to do wrt pluggable transports yet,
- // obfs4proxy seems to function fine, and the reads it does
- // look innocent enough, but more investigation is needed.
- h.mountProc = false
} else {
h.seccompFn = installBasicSeccompBlacklist
}
h.unshare.net = false // Tor needs host network access.
+ // Regarding `/proc`...
+ //
+ // `/proc/meminfo` - tor dameon, used to calculate `MaxMemInQueues`,
+ // fails gracefully.
+ // `/proc/sys/kernel/hostname` - obfs4proxy, Go runtime uses this to
+ // determine hostname, 99% sure this is in the binary but not used
+ // due to the `log` package's syslog target.
+ // `/proc/sys/net/core/somaxconn` - obfs4proxy, Go runtime uses this to
+ // determine listener backlog, but will default to `128` on errors.
+ //
+ // See: https://bugs.torproject.org/20773
+ h.mountProc = false
+
if err = os.MkdirAll(cfg.TorDataDir, DirMode); err != nil {
return
}
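Review bot: The new comment block hedges the `/proc/sys/kernel/hostname` case ("99% sure this is in the binary but not used"), which is the one `/proc` path whose failure mode is not stated; since `h.mountProc = false` now applies on both sides of the `if !cfg.Tor.UseBridges` branch, including the bridge/PT case where obfs4proxy runs, it would be worth either confirming the `log` package's syslog target never calls `os.Hostname()` and saying so definitively, or noting what obfs4proxy does when `os.Hostname()` returns an error, so a later reader can see the unconditional unmount is safe without re-auditing the Go 1.7.3 runtime. The `/proc/meminfo` and `/proc/sys/net/core/somaxconn` entries already do this well by spelling out "fails gracefully" and "will default to `128` on errors". Also a typo in the same comment: `// `/proc/meminfo` - tor dameon, used to calculate `MaxMemInQueues`,` should read "tor daemon". Minor style point: the old in-branch comment explaining that `MaxMemInQueues` is a relay-only concern was dropped; keeping that one clause ("which is a relay thing, so this can safely be disabled") alongside "fails gracefully" preserves the reason it is safe, not just the observation that it is.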