Opened 7 years ago

Closed 4 years ago

#9894 closed defect (duplicate)

Sandbox doesn't work with obfsproxy

Reported by: zoltan Owned by:
Priority: Medium Milestone: Tor: unspecified
Component: Core Tor/Tor Version: Tor: 0.2.5.1-alpha
Severity: Normal Keywords: sandbox, tor-client, tor-pt
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

When running tor [0.2.5.1-alpha-dev (git-a6b4934037d1308e)] with sandbox enabled and using obfsproxy [0.2.4] I get the following error:

(Sandbox) Caught a bad syscall attempt (syscall 0x2A)

after which tor terminates.

Child Tickets

Attachments (1)

9894.txt (332 bytes) - added by nickm 7 years ago.

Download all attachments as: .zip

Change History (10)

comment:1 Changed 7 years ago by arma

Milestone: Tor: 0.2.5.x-final

Changed 7 years ago by nickm

Attachment: 9894.txt added

comment:2 Changed 7 years ago by nickm

Keywords: sandbox tor-client tor-pt added

0x2a is sys_pipe, so maybe we just need to whitelist the pipe syscall. Try the attached patch?

Possible outcomes:

  • Everything works fine: Yay; let's merge this patch.
  • Tor still crashes, but crashes differently this time: We'll need to whitelist another syscall too.
  • Tor works okay, but obfsproxy dies: This would mean that obfsproxy requires some functionality that Tor is disabling. In that case, we'll have to run obfsproxy with fewer restrictions than Tor itself. We'll probably need a helper thread running with high privilege whose whose job is to execute other programs. Setting it up so that it only runs permissible programs, no matter what Tor tells it, will be the fun part. ctoader is working on something like this, I hear.

Possible workaround:

  • Use obfsproxy in external proxy mode, not managed.

comment:3 Changed 7 years ago by zoltan

Tor crashes again, but this time the offending syscall is 0xBF.

comment:4 Changed 7 years ago by nickm

Hm. That's getrlimit. (http://syscalls.kernelgrok.com/)

comment:5 Changed 7 years ago by nickm

Milestone: Tor: 0.2.5.x-finalTor: 0.2.???

comment:6 Changed 4 years ago by teor

Milestone: Tor: 0.2.???Tor: 0.3.???

Milestone renamed

comment:7 Changed 4 years ago by nickm

Keywords: tor-03-unspecified-201612 added
Milestone: Tor: 0.3.???Tor: unspecified

Finally admitting that 0.3.??? was a euphemism for Tor: unspecified all along.

comment:8 Changed 4 years ago by nickm

Keywords: tor-03-unspecified-201612 removed

Remove an old triaging keyword.

comment:9 Changed 4 years ago by nickm

Resolution: duplicate
Severity: Normal
Status: newclosed

We've permitted getrlimit since we first merged this code, and pipe since #16363 for ages. Closing as fixed.

Note: See TracTickets for help on using tickets.