GNU bug report logs -
#27394
[PATCH] gnu: tor: Add seccomp support.
Previous Next
Reported by: Rutger Helling <rhelling <at> mykolab.com>
Date: Fri, 16 Jun 2017 11:23:01 UTC
Severity: normal
Tags: patch
Done: ludo <at> gnu.org (Ludovic Courtès)
Bug is archived. No further changes may be made.
Full log
Message #14 received at 27394 <at> debbugs.gnu.org (full text, mbox):
[Message part 1 (text/plain, inline)]
Rutger Helling transcribed 2.6K bytes:
> Hey ng0,
>
> I think that ticket references whether the default torrc should have
> "Sandbox 1".
I understood the Whonix mail, which is how I got to the trac of tor,
in the way that they don't enable seccomp because tor does not enable
it as default. I'm not 100% positive on this, but I think I used
tor with +seccomp and hardening in Gentoo for a very long time.
> This patch doesn't do that, you still have to set that
> manually if you want to use it. It only gives you the option (Tor will
> just ignore that option in Guix right now).
>
> I also don't think that hardening and the sandbox bite each other in any
> way.
>
> On 2017-06-16 14:01, ng0 wrote:
>
> > Rutger Helling transcribed 2.5K bytes:
> >
> >> Hello,
> >>
> >> this patch adds seccomp support to tor.
> >
> > There's the question if we would want that.
> > tor doesn't enable it by default, see: https://trac.torproject.org/projects/tor/ticket/19215
> > But we also enable hardening by default, which differs from the tor default.
> > I have no problem with moving unstable features in, but hardening
> > seems much more tested to me than seccomp.
--
ng0
OpenPG: A88C8ADD129828D7EAC02E52E22F9BBFEE348588
https://krosos.org/~/ng0/ https://www.infotropique.org
[signature.asc (application/pgp-signature, inline)]
This bug report was last modified 8 years and 25 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.