There is VM's, and
Multiple X server can isolate on up to all available vty's.
There is also program shipped by X11 called Xnest.
But the more concern than apps and keyboards above,
is probably the driver / kernel portion of security surface.
___
tor-dev
>
> Log files are sorted as part of the sanitizing procedure, so that
> request order should not be preserved. If you find a log file that is
> not sorted, please let us know, because that would be a bug.
That’s great! It just appeared ordered in that multiple related requests
appeared in
On Wed, 21 Sep 2016 23:31:27 +0200
Stanisław Kosma wrote:
> At this point no further audit of X11 is necessary. It is well
> understood that it is insecure by design. In fact why would you need
> an audit, take look at X11 API for yourself:
> * X11 client: Please send me all
On 21.09.2016 19:57, grarpamp wrote:
> On Wed, Sep 21, 2016 at 5:33 AM, Yawning Angel
> wrote:
>> Where: https://git.schwanenlied.me/yawning/sandboxed-tor-browser
>
>> X11 is a huge mess of utter fail. Since the sandboxed processes get direct
>> access to the host X
On Wed, Sep 21, 2016 at 5:33 AM, Yawning Angel wrote:
> Where: https://git.schwanenlied.me/yawning/sandboxed-tor-browser
> X11 is a huge mess of utter fail. Since the sandboxed processes get direct
> access to the host X server, this is an exploitation vector.
Is
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi Aaron,
On 20/09/16 15:43, Aaron Johnson wrote:
>>
>> Good thinking! I summarized the methodology on the graph page
>> as: The graph above is based on sanitized Tor web server logs
>> [0]. These are a stripped-down version of Apache's "combined"
Hi,
Note:
* Don't use this unless you are capable of debugging it.
* Don't use this if you need strong security (though the author
believes it is an improvement over unsandboxed Tor Browser, and the
previous sandboxing attempts).
* Don't re-package it, it's not ready for that.
In