Home Explore Help
Sign In
piros
/
tor
3
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 1b6ea92a57
Branches Tags
tor
/
changes
/
seccomp2_sandbox

seccomp2_sandbox 688 B
History Raw

123456789101112 
  1.   o Major features (security):
    2. 

  2.     - Use the seccomp2 syscall filtering facility on Linux to limit
    3. 

  3.       which system calls Tor can invoke. This is an experimental,
    4. 

  4.       Linux-only feature to provide defense-in-depth against unknown
    5. 

  5.       attacks. To try turning it on, set "Sandbox 1" in your torrc
    6. 

  6.       file. This is an experimental feature, however, and some things
    7. 

  7.       may break, so please be ready to report bugs. We hope to add
    8. 

  8.       support for better sandboxing in the future,
    9. 

  9.       including more fine-grained filters, better division of
    10. 

  10.       responsibility, and support for more platforms. This work has
    11. 

  11.       been done by Cristian-Matei Toader for Google Summer of Code.
    12. 

  12.