Evaluate SGX impact on exploitation
Threat model: 1 adversary has access to Intel backdoors to put own versions of Intel trusted SGX service enclaves. 2 adversary uses the most sophisticated exploits they have against the user 3 adversary is not willing to use that exploits if they can be investigated and disclosed
so
1 We shouldn't put whole TorBrowser into SGX enclave. This will make exploits unauditable. 2 Enclaves are restricted to ring 3 but they can use syscalls. The common attack scenario is hacking usermode process first and then escalating the privileges. For privilege escalation phase an adversary can setup an enclave and upload an exploit there after remote attestation, which will make the exploit unanalyzable. So we need a way to reliably disable SGX on the systems TorBrowser is executed.