Tor
0.4.7.0-alpha-dev
|
lib/sandbox: Linux seccomp2-based sandbox.
More...Files | |
file | sandbox.c [code] |
Code to enable sandboxing. | |
file | sandbox.h [code] |
Header file for sandbox.c. | |
lib/sandbox: Linux seccomp2-based sandbox.
This module uses Linux's seccomp2 facility via the libseccomp
library, to restrict the set of system calls that Tor is allowed to invoke while it is running.
Because there are many libc versions that invoke different system calls, and because handling strings is quite complex, this module is more complex and less portable than it needs to be.
A better architecture would put the responsibility for invoking tricky system calls (like open()) in another, less restricted process, and give that process responsibility for enforcing our sandbox rules.