[tor-dev] Sandboxed Tor Browser should be officially developed
Matthew Finkel
matthew.finkel at gmail.com
Tue Jul 24 01:37:10 UTC 2018
On Mon, Jul 16, 2018 at 01:32:19AM +0000, Matthew Finkel wrote:
> Hi Everyone,
>
> We'll discuss this at a meeting next Tuesday, 24 July at 15:00 UTC in
> #tor-meeting on OTFC.

Reminder!

>
> There was some discussion on the tbb-dev@ mailing list, but this meeting
> will cover the details, implementation plan, roadmap, timeline, etc
> (maybe we won't have enough time for all of these topics).
>
> Please feel free to join the channel and watch and/or contribute
> productively. There will be logs available after the meeting, as well.
>
> https://lists.torproject.org/pipermail/tbb-dev/2018-July/000874.html

We'll be discussing the available platform-specific features; some are
described (to some extent) in the above thread. Another option that
wasn't included was Docker-on-each-OS - at this point, Docker is
supported on some versions of Windows, Mac OS X and Linux. However,
this doesn't include all OS versions supported by Tor Browser, so we
must choose our sandboxing techniques carefully.

I believe we can use/abuse many of the same features used by Docker on
these systems when they are available, but we'll need a safe fallback
option when they aren't available (while still providing as much
protection as we can).

As Tom mentioned in his response on the tbb-dev@ thread, the Windows
container features are only available on Windows 10 Professional and
Enterprise editions - so we can't rely on them right now. The API is
completely undocumented, but we have reference implementations.

Containers on Mac OS X are provided through an OS-provided hypervisor
layer. This may be an interesting avenue we can explore[0]. On Linux,
Sandboxed Tor Browser remains a good example of what we can accomplish.

[0] https://github.com/mist64/xhyve

>
> Thanks,
> Matt