Bug #9284

Attaching Nyx (arm) to Tor's control port triggers sandbox

Added by anonym 2015-04-28 03:38:20 . Updated 2017-06-29 13:59:08 .

Status:
Rejected
Priority:
Normal
Assignee:
Category:
Tor configuration
Target version:
Start date:
2015-04-28
Due date:
% Done:

0%

Feature Branch:
Type of work:
Code
Blueprint:

Starter:
Affected tool:
Deliverable for:

Description

This is what Tor logs before it dies in Tails:

============================================================ T= 1430215250
(Sandbox) Caught a bad syscall attempt (syscall prlimit64)
/usr/bin/tor(+0x143019)[0xf76c1019]
/lib/i386-linux-gnu/libc.so.6(getrlimit64+0x2d)[0xf7205a6d]
/lib/i386-linux-gnu/libc.so.6(getrlimit64+0x2d)[0xf7205a6d]
/usr/bin/tor(set_max_file_descriptors+0x4e)[0xf76aa91e]


That was with Tor 0.2.6.7 with bug15482.patch applied (from the feature/9114-tor-with-bug15482.patch branch), but it also affects 0.2.5.12; looking at Tor’s src/common/sandbox.c the prlimit64 syscall indeed isn’t explicitly allowed while in sandbox mode. Deactivating Tor’s sandboxing (e.g. by running in “bridge mode”) fixes it. This is a regression since we introduced Tor sandboxing.

I has been reported upstream as Tor bug Feature #15211 and I will relay these finding there and then we have to wait for a fix.


Subtasks


Related issues

Has duplicate Tails - Bug #9447: Nyx (arm) crashes tor Duplicate 2015-05-21

History

#1 Updated by BitingBird 2015-05-01 10:19:07

  • Subject changed from attaching arm to Tor's control port triggers sandbox to Attaching arm to Tor's control port triggers sandbox

#2 Updated by BitingBird 2015-05-09 02:44:51

  • Target version changed from Tails_1.4 to Sustainability_M1

relaying intri: Bug #9284 won’t be fixed upstream soon, so it should become a code task on our side. Related to replacing Vidalia (since we’re going to rely on arm more). So, 2.0.

#3 Updated by intrigeri 2015-05-09 03:44:21

  • Type of work changed from Wait to Code

#4 Updated by intrigeri 2015-05-21 19:09:02

  • has duplicate Bug #9447: Nyx (arm) crashes tor added

#5 Updated by intrigeri 2015-08-07 02:11:42

  • Subject changed from Attaching arm to Tor's control port triggers sandbox to Attaching Nyx (arm) to Tor's control port triggers sandbox

#6 Updated by sajolida 2015-09-22 07:47:13

  • Target version deleted (Sustainability_M1)

#7 Updated by Anonymous 2017-06-29 13:47:55

The upstream ticket has been fixed: https://trac.torproject.org/projects/tor/ticket/15221
So, is this still relevant?

#8 Updated by Anonymous 2017-06-29 13:59:08

  • Status changed from Confirmed to Rejected

From my understanding, we don’t ship Nyx anymore and the problem is well tracked upstream. So I’m closing this ticket.