Opened 2 months ago

Last modified 8 weeks ago

#24979 new enhancement

torsocks could support ptrace sandboxing

Reported by: Hello71 Owned by: dgoulet
Priority: Low Milestone:
Component: Core Tor/Torsocks Version:
Severity: Normal Keywords:
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:



  • 'fixes' SIP, suid, caps
  • fixes static binaries


Child Tickets

Change History (2)

comment:1 Changed 8 weeks ago by cypherpunks

#24037 already has this purpose, and would be a superior solution to ptrace() (which has its share of nasty issues when used for sandboxing especially in multithreaded applications, in addition to being very slow). It is far easier to implement (I could do it in a day once #14132 which is blocking it is resolved) and far more secure.

comment:2 Changed 8 weeks ago by Hello71

seccomp is Linux-specific. ptrace works everywhere. (or, I guess you have used ptrace, doesn't really work anywhere...)

Note: See TracTickets for help on using tickets.