diff mbox series

[1/4] Tor: Enable syscall sandbox

Message ID	c3117283-a083-01ad-0649-05da5bfa8b0d@ipfire.org
State	Accepted
Commit	0b6a2e761bc14d90725beda5b31f1637a599d163
Headers	To: "IPFire: Development" <development@lists.ipfire.org> From: =?utf-8?q?Peter_M=C3=BCller?= <peter.mueller@ipfire.org> Subject: [PATCH 1/4] Tor: Enable syscall sandbox Message-ID: <c3117283-a083-01ad-0649-05da5bfa8b0d@ipfire.org> Date: Sat, 25 Sep 2021 09:07:58 +0200 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 8bit Precedence: list Errors-To: development-bounces@lists.ipfire.org Sender: "Development" <development-bounces@lists.ipfire.org>
Series	[1/4] Tor: Enable syscall sandbox \| [1/4] Tor: Enable syscall sandbox [2/4] Tor: Use crypto hardware acceleration if available [3/4] Tor: Do not try to support IPv6 for Directory and OR ports [4/4] Tor: Bump package version

Commit Message

Peter Müller Sept. 25, 2021, 7:07 a.m. UTC

  This makes post-exploitation activities harder, in case the local Tor
instance has been compromised. It is worth noticing that Tor won't
respond to a "GETINFO address" command on the control port if sandboxed,
but our CGI does not make use of it, and neither is any legitimate
service on IPFire doing so.

Tested on a small middle relay running on an IPFire machine.

Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
---
 html/cgi-bin/tor.cgi | 1 +
 1 file changed, 1 insertion(+)

diff mbox series

Patch

diff --git a/html/cgi-bin/tor.cgi b/html/cgi-bin/tor.cgi
index 3349336ae..ce579aec1 100644
--- a/html/cgi-bin/tor.cgi
+++ b/html/cgi-bin/tor.cgi
@@ -730,6 +730,7 @@  sub BuildConfiguration() {
 	open(FILE, ">$torrc");
 
 	# Global settings.
+	print FILE "Sandbox 1\n";
 	print FILE "ControlPort $TOR_CONTROL_PORT\n";
 
 	if ($settings{'TOR_ENABLED'} eq 'on') {