Re: [tor-bugs] #22692 [Applications/Tor Browser]: Backport Linux content sandboxing from Firefox 54

2017-10-17 Thread Tor Bug Tracker & Wiki
#22692: Backport Linux content sandboxing from Firefox 54
-----------------------------------------+------------------------------
 Reporter:  jld                          |          Owner:  tbb-team
     Type:  enhancement                  |         Status:  closed
 Priority:  Very High                    |      Milestone:
Component:  Applications/Tor Browser     |        Version:
 Severity:  Major                        |     Resolution:  fixed
 Keywords:  GeorgKoppen201709,           |  Actual Points:
  TorBrowserTeam201709R, tbb-backported  |
Parent ID:                               |         Points:
 Reviewer:                               |        Sponsor:
-----------------------------------------+------------------------------
Changes (by gk):

 * keywords:  GeorgKoppen201709, TorBrowserTeam201709R, tbb-backport =>
 GeorgKoppen201709, TorBrowserTeam201709R, tbb-backported


Comment:

 Backported for 7.0.7: on `tor-browser-52.4.0esr-7.0-1`

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22692 [Applications/Tor Browser]: Backport Linux content sandboxing from Firefox 54

2017-09-22 Thread Tor Bug Tracker & Wiki
#22692: Backport Linux content sandboxing from Firefox 54
-----------------------------------------+------------------------------
 Reporter:  jld                          |          Owner:  tbb-team
     Type:  enhancement                  |         Status:  closed
 Priority:  Very High                    |      Milestone:
Component:  Applications/Tor Browser     |        Version:
 Severity:  Major                        |     Resolution:  fixed
 Keywords:  GeorgKoppen201709,           |  Actual Points:
  TorBrowserTeam201709R, tbb-backport    |
Parent ID:                               |         Points:
 Reviewer:                               |        Sponsor:
-----------------------------------------+------------------------------

Comment (by gk):

 FWIW: the necessary `tor-browser-build` fix landed as well meanwhile:
 commit 85537ff8b5a7294138ed57e44818512aaabb9d57 on `master`.

Re: [tor-bugs] #22692 [Applications/Tor Browser]: Backport Linux content sandboxing from Firefox 54

2017-09-21 Thread Tor Bug Tracker & Wiki
#22692: Backport Linux content sandboxing from Firefox 54
-----------------------------------------+------------------------------
 Reporter:  jld                          |          Owner:  tbb-team
     Type:  enhancement                  |         Status:  closed
 Priority:  Very High                    |      Milestone:
Component:  Applications/Tor Browser     |        Version:
 Severity:  Major                        |     Resolution:  fixed
 Keywords:  GeorgKoppen201709,           |  Actual Points:
  TorBrowserTeam201709R, tbb-backport    |
Parent ID:                               |         Points:
 Reviewer:                               |        Sponsor:
-----------------------------------------+------------------------------
Changes (by gk):

 * keywords:  GeorgKoppen201709, TorBrowserTeam201709R => GeorgKoppen201709,
 TorBrowserTeam201709R, tbb-backport
 * status:  needs_review => closed
 * resolution:   => fixed


Comment:

 Thanks. I put all the relevant commits onto `tor-browser-52.3.0esr-7.5-2`:

 jld, thanks again for doing the work for us. If you could watch out for
 further sandbox related security fixes that would be neat.

 This will be available in our upcoming alpha, Tor Browser 7.5a5.

Re: [tor-bugs] #22692 [Applications/Tor Browser]: Backport Linux content sandboxing from Firefox 54

2017-09-21 Thread Tor Bug Tracker & Wiki
#22692: Backport Linux content sandboxing from Firefox 54
-----------------------------------------+------------------------------
 Reporter:  jld                          |          Owner:  tbb-team
     Type:  enhancement                  |         Status:  needs_review
 Priority:  Very High                    |      Milestone:
Component:  Applications/Tor Browser     |        Version:
 Severity:  Major                        |     Resolution:
 Keywords:  GeorgKoppen201709,           |  Actual Points:
  TorBrowserTeam201709R                  |
Parent ID:                               |         Points:
 Reviewer:                               |        Sponsor:
-----------------------------------------+------------------------------

Comment (by mcs):

 Replying to [comment:19 gk]:
 > Thanks, I updated `bug_22692_v3` with the two patches (they applied
 > cleanly) and will do a rebuild and further test while waiting on review.

 r=brade, r=mcs
 We verified that the correct set of patches was backported. We did not try
 building and running on Linux, but that can be done once we have alpha
 candidate builds.

Re: [tor-bugs] #22692 [Applications/Tor Browser]: Backport Linux content sandboxing from Firefox 54

2017-09-08 Thread Tor Bug Tracker & Wiki
#22692: Backport Linux content sandboxing from Firefox 54
-----------------------------------------+------------------------------
 Reporter:  jld                          |          Owner:  tbb-team
     Type:  enhancement                  |         Status:  needs_review
 Priority:  Very High                    |      Milestone:
Component:  Applications/Tor Browser     |        Version:
 Severity:  Major                        |     Resolution:
 Keywords:  GeorgKoppen201709,           |  Actual Points:
  TorBrowserTeam201709R                  |
Parent ID:                               |         Points:
 Reviewer:                               |        Sponsor:
-----------------------------------------+------------------------------

Comment (by gk):

 Thanks, I updated `bug_22692_v3` with the two patches (they applied
 cleanly) and will do a rebuild and further test while waiting on review.

Re: [tor-bugs] #22692 [Applications/Tor Browser]: Backport Linux content sandboxing from Firefox 54

2017-09-07 Thread Tor Bug Tracker & Wiki
#22692: Backport Linux content sandboxing from Firefox 54
-----------------------------------------+------------------------------
 Reporter:  jld                          |          Owner:  tbb-team
     Type:  enhancement                  |         Status:  needs_review
 Priority:  Very High                    |      Milestone:
Component:  Applications/Tor Browser     |        Version:
 Severity:  Major                        |     Resolution:
 Keywords:  GeorgKoppen201709,           |  Actual Points:
  TorBrowserTeam201709R                  |
Parent ID:                               |         Points:
 Reviewer:                               |        Sponsor:
-----------------------------------------+------------------------------

Comment (by jld):

 You might run into problems related to
 https://bugzilla.mozilla.org/show_bug.cgi?id=1386279 on Fedora, but the
 patch (https://hg.mozilla.org/mozilla-central/rev/c0838ed41842) is simple
 and should backport, although I haven't tried.

 Also, you may want to pick up
 https://hg.mozilla.org/mozilla-central/rev/c963d52551ab, which fixes
 CVE-2017-7794.

Re: [tor-bugs] #22692 [Applications/Tor Browser]: Backport Linux content sandboxing from Firefox 54

2017-09-06 Thread Tor Bug Tracker & Wiki
#22692: Backport Linux content sandboxing from Firefox 54
-----------------------------------------+------------------------------
 Reporter:  jld                          |          Owner:  tbb-team
     Type:  enhancement                  |         Status:  needs_review
 Priority:  Very High                    |      Milestone:
Component:  Applications/Tor Browser     |        Version:
 Severity:  Major                        |     Resolution:
 Keywords:  GeorgKoppen201709,           |  Actual Points:
  TorBrowserTeam201709R                  |
Parent ID:                               |         Points:
 Reviewer:                               |        Sponsor:
-----------------------------------------+------------------------------

Comment (by boklm):

 The `tor-browser-build` patch looks good to me.

Re: [tor-bugs] #22692 [Applications/Tor Browser]: Backport Linux content sandboxing from Firefox 54

2017-09-06 Thread Tor Bug Tracker & Wiki
#22692: Backport Linux content sandboxing from Firefox 54
-----------------------------------------+------------------------------
 Reporter:  jld                          |          Owner:  tbb-team
     Type:  enhancement                  |         Status:  needs_review
 Priority:  Very High                    |      Milestone:
Component:  Applications/Tor Browser     |        Version:
 Severity:  Major                        |     Resolution:
 Keywords:  GeorgKoppen201709,           |  Actual Points:
  TorBrowserTeam201709R                  |
Parent ID:                               |         Points:
 Reviewer:                               |        Sponsor:
-----------------------------------------+------------------------------
Changes (by gk):

 * Attachment "0001-Bug-22692-Don-t-use-mremap-in-selfrando-code.patch"
 added.


Re: [tor-bugs] #22692 [Applications/Tor Browser]: Backport Linux content sandboxing from Firefox 54

2017-09-06 Thread Tor Bug Tracker & Wiki
#22692: Backport Linux content sandboxing from Firefox 54
-----------------------------------------+------------------------------
 Reporter:  jld                          |          Owner:  tbb-team
     Type:  enhancement                  |         Status:  needs_review
 Priority:  Very High                    |      Milestone:
Component:  Applications/Tor Browser     |        Version:
 Severity:  Major                        |     Resolution:
 Keywords:  GeorgKoppen201709,           |  Actual Points:
  TorBrowserTeam201709R                  |
Parent ID:                               |         Points:
 Reviewer:                               |        Sponsor:
-----------------------------------------+------------------------------
Changes (by gk):

 * status:  new => needs_review
 * cc: boklm (added)
 * keywords:  GeorgKoppen201709, TorBrowserTeam201709 => GeorgKoppen201709,
 TorBrowserTeam201709R


Comment:

 Okay, I've been running a build with the non-optional sandbox related
 patches and an updated selfrando for the last couple of days without any
 issues. Nice work, jld! I am confident that this is ready for the next
 alpha at least. `bug_22692_v3`
 (https://gitweb.torproject.org/user/gk/tor-browser.git/log/?h=bug_22692_v3)
 has the patches (8 to be exact) applied
 to `tor-browser` and the attached patch fixes the `tor-browser-build`
 part.

Re: [tor-bugs] #22692 [Applications/Tor Browser]: Backport Linux content sandboxing from Firefox 54

2017-08-29 Thread Tor Bug Tracker & Wiki
#22692: Backport Linux content sandboxing from Firefox 54
-----------------------------------------+------------------------------
 Reporter:  jld                          |          Owner:  tbb-team
     Type:  enhancement                  |         Status:  new
 Priority:  Very High                    |      Milestone:
Component:  Applications/Tor Browser     |        Version:
 Severity:  Major                        |     Resolution:
 Keywords:  TorBrowserTeam201708,        |  Actual Points:
  GeorgKoppen201708                      |
Parent ID:                               |         Points:
 Reviewer:                               |        Sponsor:
-----------------------------------------+------------------------------

Comment (by ah@…):

 I added a mremap() workaround to selfrando, release tb-v0.3.3 should fix
 these crashes.

Re: [tor-bugs] #22692 [Applications/Tor Browser]: Backport Linux content sandboxing from Firefox 54

2017-08-25 Thread Tor Bug Tracker & Wiki
#22692: Backport Linux content sandboxing from Firefox 54
-----------------------------------------+------------------------------
 Reporter:  jld                          |          Owner:  tbb-team
     Type:  enhancement                  |         Status:  new
 Priority:  Very High                    |      Milestone:
Component:  Applications/Tor Browser     |        Version:
 Severity:  Major                        |     Resolution:
 Keywords:  TorBrowserTeam201708,        |  Actual Points:
  GeorgKoppen201708                      |
Parent ID:                               |         Points:
 Reviewer:                               |        Sponsor:
-----------------------------------------+------------------------------

Comment (by ah@…):

 mremap() was unconditionally re-enabled in Firefox 54 because wasm also
 needs it, so this is only a problem on Firefox 52:
 https://bugzilla.mozilla.org/show_bug.cgi?id=1342385
 https://hg.mozilla.org/mozilla-central/rev/7a9b07064c28

Re: [tor-bugs] #22692 [Applications/Tor Browser]: Backport Linux content sandboxing from Firefox 54

2017-08-25 Thread Tor Bug Tracker & Wiki
#22692: Backport Linux content sandboxing from Firefox 54
-----------------------------------------+------------------------------
 Reporter:  jld                          |          Owner:  tbb-team
     Type:  enhancement                  |         Status:  new
 Priority:  Very High                    |      Milestone:
Component:  Applications/Tor Browser     |        Version:
 Severity:  Major                        |     Resolution:
 Keywords:  TorBrowserTeam201708,        |  Actual Points:
  GeorgKoppen201708                      |
Parent ID:                               |         Points:
 Reviewer:                               |        Sponsor:
-----------------------------------------+------------------------------

Comment (by cypherpunks):

 https://bugzilla.mozilla.org/show_bug.cgi?id=1286119

Re: [tor-bugs] #22692 [Applications/Tor Browser]: Backport Linux content sandboxing from Firefox 54

2017-08-25 Thread Tor Bug Tracker & Wiki
#22692: Backport Linux content sandboxing from Firefox 54
-----------------------------------------+------------------------------
 Reporter:  jld                          |          Owner:  tbb-team
     Type:  enhancement                  |         Status:  new
 Priority:  Very High                    |      Milestone:
Component:  Applications/Tor Browser     |        Version:
 Severity:  Major                        |     Resolution:
 Keywords:  TorBrowserTeam201708,        |  Actual Points:
  GeorgKoppen201708                      |
Parent ID:                               |         Points:
 Reviewer:                               |        Sponsor:
-----------------------------------------+------------------------------

Comment (by cypherpunks):

 Replying to [comment:9 gk]:
 Add it to `security.sandbox.content.syscall_whitelist` and happy testing
 :)

Re: [tor-bugs] #22692 [Applications/Tor Browser]: Backport Linux content sandboxing from Firefox 54

2017-08-25 Thread Tor Bug Tracker & Wiki
#22692: Backport Linux content sandboxing from Firefox 54
-----------------------------------------+------------------------------
 Reporter:  jld                          |          Owner:  tbb-team
     Type:  enhancement                  |         Status:  new
 Priority:  Very High                    |      Milestone:
Component:  Applications/Tor Browser     |        Version:
 Severity:  Major                        |     Resolution:
 Keywords:  TorBrowserTeam201708,        |  Actual Points:
  GeorgKoppen201708                      |
Parent ID:                               |         Points:
 Reviewer:                               |        Sponsor:
-----------------------------------------+------------------------------

Comment (by gk):

 Applying all of the patches (or just the non-optional ones according to
 comment:description) leads to crashes pretty easily (e.g. on
 www.theguardian.com). However, that does not seem to be caused by Firefox
 but rather by selfrando. Before crashing I see something like
 {{{
 Sandbox: seccomp sandbox violation: pid 5231, tid 5231, syscall 25, args
 140268925878272 135 199 1 0 18446744073709551612
 }}}
 in my terminal which is not happening without selfrando. I guess selfrando
 is not happy about its `mremap` getting blocked by the sandbox? The
 accompanying stack trace of the content process crash is:
 {{{
 #0  0x7f5862230fa6 in Vector::append(unsigned char*
 const&) (val=: , this=0x7fffbd30)
 at src/RandoLib/RandoLib.h:129
 #1  0x7f5862230fa6 in os::Module::::operator() (trap_reloc=...,
 __closure=)
 at src/RandoLib/posix/OSImpl.cpp:641
 #2  0x7f5862230fa6 in
 TrapInfo::for_all_relocations >(os::Module::) const (this=this@entry=0x7fffbc30, func=...,
 func@entry=...)
 at src/TrapInfo/TrapInfo.h:672
 #3  0x7f58622321ec in os::Module::read_got_relocations(TrapInfo
 const*) (this=this@entry=0x7fffbcb0,
 trap_info=trap_info@entry=0x7fffbc30)
 at src/RandoLib/posix/OSImpl.cpp:642
 #4  0x7f58622326dc in os::Module::for_all_exec_sections(bool, void
 (*)(os::Module const&, os::Module::Section const&, TrapInfo&, bool,
 void*), void*) (this=0x7fffbcb0, self_rando=true,
 callback=0x7f586222e580 , callback_arg=0x0)
 at src/RandoLib/posix/OSImpl.cpp:422
 #5  0x7f586222e750 in RandoMain(os::Module::Handle)
 (asm_module=0x7fffbd70)
 at src/RandoLib/RandoLib.cpp:599
 #6  0x7f58622359cb in Linux_EntryPointImpl ()
 at src/RandoLib/posix/EntryPoint.c:70
 #7  0x7f5862235883 in _TRaP_Linux_EntryPoint_init ()
 at /home/thomas/Arbeit/Tor/debugging/22692/tor-browser_en-
 US/Browser/libmozavutil.so
 #8  0x7f5862210748 in  ()
 at /home/thomas/Arbeit/Tor/debugging/22692/tor-browser_en-
 US/Browser/libmozavutil.so
 #9  0x0009 in  ()
 #10 0x7fffddf8 in  ()
 #11 0x7f589240385a in call_init (l=0x7f5862182800, argc=-16824,
 argc@entry=9, argv=argv@entry=0x7fffdda8,
 env=env@entry=0x7fffddf8)
 at dl-init.c:58
 #12 0x7f58924039ab in call_init (env=0x7fffddf8,
 argv=0x7fffdda8, argc=9, l=) at dl-init.c:30
 #13 0x7f58924039ab in _dl_init
 (main_map=main_map@entry=0x7f5862182800, argc=9, argv=0x7fffdda8,
 env=0x7fffddf8) at dl-init.c:120
 #14 0x7f5892407f58 in dl_open_worker (a=a@entry=0x7fffc100)
 at dl-open.c:575
 #15 0x7f5892403744 in _dl_catch_error
 (objname=objname@entry=0x7fffc0f0,
 errstring=errstring@entry=0x7fffc0f8,
 mallocedp=mallocedp@entry=0x7fffc0ef,
 operate=operate@entry=0x7f5892407b70 ,
 args=args@entry=0x7fffc100)
 at dl-error.c:187
 #16 0x7f5892407709 in _dl_open (file=0x7f58607fb820
 "/home/thomas/Arbeit/Tor/debugging/22692/tor-browser_en-
 US/Browser/libmozavutil.so", mode=-2147483646,
 caller_dlopen=0x7f589257fb9d , nsid=-2, argc=, argv=, env=0x7fffddf8) at dl-open.c:660
 #17 0x7f588be8cee9 in dlopen_doit (a=a@entry=0x7fffc330) at
 dlopen.c:66
 #18 0x7f5892403744 in _dl_catch_error (objname=0x7f58835531f0,
 errstring=0x7f58835531f8, mallocedp=0x7f58835531e8, operate=0x7f588be8ce90
 , args=0x7fffc330) at dl-error.c:187
 #19 0x7f588be8d531 in _dlerror_run
 (operate=operate@entry=0x7f588be8ce90 ,
 args=args@entry=0x7fffc330) at dlerror.c:163
 #20 0x7f588be8cf82 in __dlopen (file=, mode=)
 at dlopen.c:87
 #21 0x7f589257fb9d in dtoa (rve=0x7f58, sign=,
 decpt=
 0x7f588ec072a1 ,
 ndigits=-1884013950, mode=32600, dd=)
 at /home/debian/build/tor-browser/nsprpub/pr/src/misc/prdtoa.c:3215
 #22 0x7f589257fb9d in 
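
An added example, not part of the thread and not Tor Browser or Firefox code: a parser for the seccomp violation line quoted in gk's comment above. It names the blocked syscall on x86-64, decodes the `mremap` arguments, and builds a value for the `security.sandbox.content.syscall_whitelist` pref mentioned in the reply. The function names and the comma-separated pref format are assumptions.

```python
import re
from typing import NamedTuple

# x86-64 syscall numbers (kernel syscall_64.tbl), limited to calls named in
# this thread. Numbers differ on other architectures.
X86_64_SYSCALLS = {25: "mremap", 41: "socket", 42: "connect",
                   53: "socketpair", 288: "accept4", 302: "prlimit64"}
MREMAP_FLAGS = {1: "MREMAP_MAYMOVE", 2: "MREMAP_FIXED"}

# Six argument registers are always logged, separated by single spaces.
VIOLATION_RE = re.compile(
    r"seccomp sandbox violation: pid (\d+), tid (\d+), "
    r"syscall (\d+), args (\d+(?: \d+){5})")


class Violation(NamedTuple):
    pid: int
    tid: int
    syscall: int
    args: tuple


def parse_violations(text):
    """Return every violation in `text`, tolerating terminal line wraps."""
    flat = " ".join(text.split())  # undo wrapping such as "args\n 1402..."
    return [Violation(int(m[1]), int(m[2]), int(m[3]),
                      tuple(int(a) for a in m[4].split()))
            for m in VIOLATION_RE.finditer(flat)]


def describe(v):
    """Readable summary of one violation; arguments decoded for mremap only."""
    name = X86_64_SYSCALLS.get(v.syscall, f"unknown({v.syscall})")
    if name != "mremap":
        return name
    # mremap takes five arguments; the sixth logged value is leftover
    # register content and is ignored here.
    old_addr, old_size, new_size, flags = v.args[:4]
    flag_names = [n for bit, n in MREMAP_FLAGS.items() if flags & bit]
    return (f"mremap(old_address={old_addr:#x}, old_size={old_size}, "
            f"new_size={new_size}, flags={'|'.join(flag_names) or flags})")


def merged_allowlist(current_pref, violations):
    """Pref value after adding the observed syscall numbers.

    ASSUMPTION: the pref holds comma-separated syscall numbers; the thread
    only says it is a list of additional syscall numbers to allow. Every
    number added widens the policy for all content processes.
    """
    numbers = {int(n) for n in current_pref.split(",") if n.strip()}
    numbers.update(v.syscall for v in violations)
    return ",".join(str(n) for n in sorted(numbers))


# The violation line from gk's comment, wrapped the way the mail shows it.
SAMPLE = """Sandbox: seccomp sandbox violation: pid 5231, tid 5231, syscall 25, args
 140268925878272 135 199 1 0 18446744073709551612"""

if __name__ == "__main__":
    found = parse_violations(SAMPLE)
    for v in found:
        print(v.pid, describe(v))
    print("pref value:", merged_allowlist("", found))
```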

Re: [tor-bugs] #22692 [Applications/Tor Browser]: Backport Linux content sandboxing from Firefox 54

2017-08-09 Thread Tor Bug Tracker & Wiki
#22692: Backport Linux content sandboxing from Firefox 54
-----------------------------------------+------------------------------
 Reporter:  jld                          |          Owner:  tbb-team
     Type:  enhancement                  |         Status:  new
 Priority:  Very High                    |      Milestone:
Component:  Applications/Tor Browser     |        Version:
 Severity:  Major                        |     Resolution:
 Keywords:  TorBrowserTeam201708,        |  Actual Points:
  GeorgKoppen201708                      |
Parent ID:                               |         Points:
 Reviewer:                               |        Sponsor:
-----------------------------------------+------------------------------

Comment (by gk):

 Replying to [comment:2 cypherpunks]:
 > Whoa, so are you in business of backporting sandbox level 2? Then for
 > other platforms too. Also are you going to do cherry-picking from the
 > trunk?

 We are in the business of getting content sandboxing on Linux going at
 all. ESR 52 does not have that by default. We are better off on macOS and
 we have #16010 for Windows. Once we have content sandboxing running on all
 supported platforms we can think about tightening the policies by
 backporting (more) patches.

Re: [tor-bugs] #22692 [Applications/Tor Browser]: Backport Linux content sandboxing from Firefox 54

2017-07-07 Thread Tor Bug Tracker & Wiki
#22692: Backport Linux content sandboxing from Firefox 54
-----------------------------------------+------------------------------
 Reporter:  jld                          |          Owner:  tbb-team
     Type:  enhancement                  |         Status:  new
 Priority:  Very High                    |      Milestone:
Component:  Applications/Tor Browser     |        Version:
 Severity:  Major                        |     Resolution:
 Keywords:  TorBrowserTeam201707,        |  Actual Points:
  GeorgKoppen201707                      |
Parent ID:                               |         Points:
 Reviewer:                               |        Sponsor:
-----------------------------------------+------------------------------
Changes (by gk):

 * keywords:  TorBrowserTeam201707 => TorBrowserTeam201707,
   GeorgKoppen201707


Re: [tor-bugs] #22692 [Applications/Tor Browser]: Backport Linux content sandboxing from Firefox 54

2017-06-23 Thread Tor Bug Tracker & Wiki
#22692: Backport Linux content sandboxing from Firefox 54
--+--
 Reporter:  jld   |  Owner:  tbb-team
 Type:  enhancement   | Status:  new
 Priority:  Very High |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Major | Resolution:
 Keywords:  TorBrowserTeam201706  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by saint):

 * cc: saint (added)


Re: [tor-bugs] #22692 [Applications/Tor Browser]: Backport Linux content sandboxing from Firefox 54

2017-06-22 Thread Tor Bug Tracker & Wiki
#22692: Backport Linux content sandboxing from Firefox 54
--+--
 Reporter:  jld   |  Owner:  tbb-team
 Type:  enhancement   | Status:  new
 Priority:  Very High |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Major | Resolution:
 Keywords:  TorBrowserTeam201706  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by cypherpunks):

 Whoa, so are you in business of backporting sandbox level 2? Then for
 other platforms too. Also are you going to do cherry-picking from the
 trunk?

Re: [tor-bugs] #22692 [Applications/Tor Browser]: Backport Linux content sandboxing from Firefox 54

2017-06-22 Thread Tor Bug Tracker & Wiki
#22692: Backport Linux content sandboxing from Firefox 54
--+--
 Reporter:  jld   |  Owner:  tbb-team
 Type:  enhancement   | Status:  new
 Priority:  Very High |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Major | Resolution:
 Keywords:  TorBrowserTeam201706  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by gk):

 * cc: arthuredelstein, mcs, brade (added)
 * keywords:   => TorBrowserTeam201706
 * severity:  Normal => Major
 * priority:  Medium => Very High


Comment:

 Thanks jld, that's really helpful and appreciated. Given the complexity of
 this backport we should test it in some alpha builds I guess starting with
 the next one. Putting it on our agenda.

[tor-bugs] #22692 [Applications/Tor Browser]: Backport Linux content sandboxing from Firefox 54

2017-06-21 Thread Tor Bug Tracker & Wiki
#22692: Backport Linux content sandboxing from Firefox 54
--+--
 Reporter:  jld   |  Owner:  tbb-team
 Type:  enhancement   | Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+--
 Tor Browser 7 is based on Firefox ESR 52, so it doesn't have content
 process sandboxing on Linux; that wasn't enabled for non-Nightly builds
 until 54.  It's possible to configure with `--enable-content-sandbox`, but
 there are some bug fixes and improvements that should be backported.  I'm
 told there's interest in doing that, so I came up with a list of patches
 (which merge cleanly, so I also ran some basic tests).

 First, a warning: The sandboxing isn't very strong yet, especially for the
 threats that Tor Browser deals with: it still allows reading any file and
 doing arbitrary `socket` and `connect` calls, for example, so there's
 probably a way for a determined attacker to get a generic sandbox escape,
 and it definitely allows obtaining PII such as MAC addresses.

 The short version:
 https://github.com/mozilla/gecko-dev/compare/esr52...jld:box52-test

 The long version, as a list of Git commit identifiers from the gecko-dev
 repository (I don't know if there's a way to map these to Hg besides
 manually searching for commit messages), with vague descriptions:
 {{{
 2f25df5d1e7405ae76a15fb1c16bc3dd17d6bd98 prlimit64
 f004938bbb928d3d9d04e119c6d448de4808f1d7 string split for pref
 0d2bf66dfdb9601baf8cda464db66dc5773f1758 syscall allowed-list pref
 5de2e3d5f6795f315a7e98319e4845e173b96ad8 vector fix for pref
 eb0d19601af5af2228f7069243044f8ff4c5be73 crash-on-error flag
 f2fa27edcadaa6ff38cbc16216b4cc63d438ae42 reporter part 1
 f0666046d67d7d384eb458506e472091822c198a reporter part 2
 6e97575e73b58a2ddcf76b244a93e4606d686a17 reporter part 3
 7d9acbdacefe00cca9f9eaf8144900d29fa16d9b less networking
 3c4e5389537a6841080e2e50390af2174e2d4f5c unbreak a11y (???)
 f6b03fa2606c2892ffc903967eb6d7eab0a763a6 socketpair workaround
 4821de2b5839e3f33d4ac647262d5d5255a71708 enable on non-nightly
 dc7a177384f8f7acb94654b81c1af45b427d9260 gdbinit signal change
 8f8a9f525559c6611de13fe5264753e5d62fa85b test "todo" fix
 }}}

 The most important part is the patch from bug 1286865 that makes
 unexpected syscalls just fail instead of crashing on non-Nightly builds
 ("crash-on-error flag", above).  There are two big optional pieces: the
 three patches from bugs 1330326 and 1335323 that add a pref that's a list
 of additional syscall numbers to allow (to make it easier to deal with
 system libraries doing unexpected things), and the three other patches
 from bug 1286865 that expose a log of rejected syscalls in about:support
 (the "reporter"; it will still log to stderr without those).

 The patch I've labelled "unbreak a11y" (which allows `accept4`) might not
 be necessary; I think we still disable e10s on non-Nightly if
 accessibility tools are in use.  Alternately, commit `293bbaf3e964` from
 bug 1361338 could be used instead but I haven't tried it on 52.

 The one thing I know this breaks is WebRTC getting local network addresses
 (see bugs 1345511, 1375122, and 1322506 for background; note that there
 are other ways of getting that info that aren't blocked yet), but Tor
 Browser disables WebRTC.  Similarly, I've left out the part of bug 1286865
 that submits Telemetry about rejected syscalls.  There are also some
 patches I omitted where returning an error won't break anything, or where
 it's related to a feature (like WebAssembly) that's not on 52 ESR.

 Hopefully that explains things well enough; let me know if anything needs
 more clarification.
