From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:38925) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dNZaX-0004wr-T3 for guix-patches@gnu.org; Wed, 21 Jun 2017 02:58:07 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1dNZaU-0000v9-1z for guix-patches@gnu.org; Wed, 21 Jun 2017 02:58:06 -0400 Received: from debbugs.gnu.org ([208.118.235.43]:56100) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1dNZaT-0000uz-Ul for guix-patches@gnu.org; Wed, 21 Jun 2017 02:58:01 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1dNZaT-00031Y-KZ for guix-patches@gnu.org; Wed, 21 Jun 2017 02:58:01 -0400 Subject: [bug#27394] [PATCH] gnu: tor: Add seccomp support. Resent-Message-ID: MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="=_fc76302c4dba3273ab1050f2f1b36059" Date: Wed, 21 Jun 2017 08:57:01 +0200 From: Rutger Helling In-Reply-To: References: Message-ID: <9a77b4c9d799bd5f95bf3fce88e268af@mykolab.com> List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+kyle=kyleam.com@gnu.org Sender: "Guix-patches" To: Ludovic CourtXXs , ng0@infotropique.org Cc: 27394-done <27394-done@debbugs.gnu.org> --=_fc76302c4dba3273ab1050f2f1b36059 Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset=UTF-8 I don't have any issues (yet) running it with the sandbox on, but I agree it's good to test it extensively beforehand and depending on the stability wait until the Tor Project defaults to it. On 2017-06-21 00:31, ng0@infotropique.org wrote: > On Tue, 20 Jun 2017 23:07:38 +0200, ludo@gnu.org (Ludovic Courtès) wrote: > > Hi Rutger, > > Rutger Helling skribis: > > From 5e93733bba145ac3e3a3f39fb43f25ad7125fa2f Mon Sep 17 00:00:00 2001 > From: Rutger Helling > Date: Fri, 16 Jun 2017 13:15:17 +0200 > Subject: [PATCH] gnu: tor: Add seccomp support. > > * gnu/packages/tor.scm (tor)[inputs]: Add libseccomp. > Applied, thanks. > > Do you think the GuixSD service should set "Sandbox 1" by default? The > Besides, the GuixSD service runs Tor in a container, but that doesn't > necessarily provide the same guarantees: > . > > Ludo'. As mentioned earlier in the thread: I don't think it should be default until we have found it to be stable enough. I experienced several "sandbox violations" when running this in the last days. Is this good? Is this bad? I had no chance to investigate this so far. It also goes against torproject recommendations, as they consider sandbox (seccomp) in tor to be an unstable + testing feature, disabled by default. --=_fc76302c4dba3273ab1050f2f1b36059 Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=UTF-8

I don't have any issues (yet) running it with the sandbox on, but I agre= e it's good to test it extensively beforehand and depending on the stabilit= y wait until the Tor Project defaults to it.

On 2017-06-21 00:31, ng0@infotropique.org wrote:

=

On Tue, 20 Jun 2017 23:07:38 +0200, ludo@gnu.org (Ludovic Courtès) wrote:

Hi Rutger,

Rutger Helling <rhelling@mykolab.com> skribis:

From 5e93733bba145ac3e3a3f39fb43f25ad7125fa2f Mon Sep = 17 00:00:00 2001
From: Rutger Helling <rhelling@mykolab.com>
Date: Fri, 16 Jun 2017 13:1= 5:17 +0200
Subject: [PATCH] gnu: tor: Add seccomp support.

* gnu/packages/tor.scm (tor)[inputs]: Add libseccomp.

Applied, thanks.

Do you think the GuixSD service should = set "Sandbox 1" by default?  The
Besides, the GuixSD service run= s Tor in a container, but that doesn't
necessarily provide the same g= uarantees:
<https://www.gnu.org/software/guix/n= ews/running-system-services-in-containers.html>.

Ludo'= =2E

As mentioned earlier in the thread: I don't think it should be defau= lt until we have
found it to be stable enough. I experienced several = "sandbox violations" when running
this in the last days. Is this good= ? Is this bad? I had no chance to investigate this so far.
It also go= es against torproject recommendations, as they consider sandbox (seccomp) i= n
tor to be an unstable + testing feature, disabled by default.

 

 
--=_fc76302c4dba3273ab1050f2f1b36059--