#18397: `Sandbox 1` in Tor 0.2.7.6 should not filter `getsockopt` syscall -------------------------------------------------+------------------------- Reporter: fowlslegs | Owner: nickm Type: defect | Status: Priority: High | needs_information Component: Core Tor/Tor | Milestone: Tor: Severity: Major | 0.2.??? Keywords: seccomp, sandbox, getsockopt, | Version: Tor: 027-backport | 0.2.7.6 Parent ID: | Resolution: Reviewer: | Actual Points: | Points: | Sponsor: -------------------------------------------------+-------------------------
Comment (by Jigsaw52): I was able to reproduce this issue with the following configuration: OS: Ubuntu Server 16.04 64bits Minimal virtual machine install option chosen when installing (F4 menu). tor version: 0.2.7.6 (git-605ae665009853bd) Packages installed: tor apparmor-profiles apparmor-profiles-extra Virtualization software: virtualbox 5.0.24 Host OS: Ubuntu Server 15.10 64bits systemd uses the following command to start tor: /usr/bin/tor --defaults- torrc /usr/share/tor/tor-service-defaults-torrc -f /etc/tor/torrc --RunAsDaemon 0 tor is started under user debian-tor The only changes in the torrc config file where: - enabling debug log - adding Sandbox 1 Relevant files (tor-service-defaults-torrc, torrc and debug.log) are attached. -- Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18397#comment:10> Tor Bug Tracker & Wiki <https://trac.torproject.org/> The Tor Project: anonymity online _______________________________________________ tor-bugs mailing list tor-bugs@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs