[Tor-BSD] [CFT] HardenedBSD's security/tor-capsicum port

teor teor2345 at gmail.com
Tue Feb 27 15:31:35 EST 2018


> On 28 Feb 2018, at 06:03, Shawn Webb <shawn.webb at hardenedbsd.org> wrote:
> 
>> On Tue, Feb 27, 2018 at 01:44:00PM -0500, Shawn Webb wrote:
>>> On Tue, Feb 27, 2018 at 12:48:29PM -0500, Shawn Webb wrote:
>>> Hey All,
>>> 
>>> Many of you know that I've been working on Capsicum support in Tor.
>>> I've added a ports entry for it in the HardenedBSD ports tree,
>>> security/tor-capsicum.
>>> 
>>> To enable capmode, you'll need to add "Sandbox 1" to your torrc. Note
>>> that since libevent does not support Capsicum and creates sockets on
>>> its own, using DNSPort (most commonly used in transparent proxy
>>> setups) with capmode enabled is unsupported. I've filed a bug report
>>> with libevent to start the discussion around adding a
>>> Capsicum-friendly API for socket creation/maintenance.
>>> 
>>> On HardenedBSD 12-CURRENT/amd64, security/tor-capsicum is compiled with:
>>>  - PIE
>>>  - Full RELRO
>>>  - CFI (without the cfi-icall scheme)
>>>  - SafeStack
>>>  - Retpoline
>>>  - Capsicum support
>>> 
>>> Please test and let me know any success or failure stories.
>> 
>> I've now tested in relay mode. It appears there's a bug that prevents
>> relay mode from working. I hope to have this resolved within a week.
>> 
>> So, don't run with Capsicum enabled if you're running a relay.
>> However, please test if you're running simply as a client node.
> 
> This is due to Tor using libevent to handle DNS when in relay mode. As
> noted above, libevent does not support Capsicum. So fixing relay mode
> will require a Capsicum-friendly libevent.

Does Capsicum work for non-exit relays?
They shouldn't use DNS for anything important.

T
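
A pre-flight check for the constraints described in the quoted announcement, as an added example that is not part of the original thread or of the port: it parses a torrc and reports the options the thread says conflict with "Sandbox 1" (DNSPort, and ORPort for relay mode). The function names and the sample torrc are constructed for illustration, and the parser assumes no `#` inside quoted values, no line continuations and no `%include`.

```python
# Added example: lint a torrc for options the thread reports as
# incompatible with capmode ("Sandbox 1") on security/tor-capsicum.

CONFLICTS = {
    "dnsport": "DNSPort is unsupported in capmode (libevent creates its own sockets)",
    "orport": "relay mode is reported broken with Capsicum enabled",
}

# Constructed sample: a client-only transparent proxy configuration.
SAMPLE_TORRC = """\
# Constructed sample torrc for a client-only transparent proxy
SocksPort 9050
Sandbox 1
DNSPort 5353  # resolver for transparent proxying
ORPort 0
"""


def parse_torrc(text):
    """Return (lineno, option_lowercased, value) for each directive."""
    entries = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()  # drop comments (simplified)
        if not line:
            continue
        parts = line.split(None, 1)
        value = parts[1].strip() if len(parts) > 1 else ""
        entries.append((lineno, parts[0].lower(), value))  # names are case-insensitive
    return entries


def capmode_conflicts(text):
    """List (lineno, option, reason) for conflicts when Sandbox is 1."""
    entries = parse_torrc(text)
    sandbox = False
    for _, option, value in entries:
        if option == "sandbox":
            sandbox = value == "1"  # a later Sandbox line overrides an earlier one
    if not sandbox:
        return []
    findings = []
    for lineno, option, value in entries:
        # A port option set to 0 is disabled; anything else opens a listener.
        if option in CONFLICTS and value and value.split()[0] != "0":
            findings.append((lineno, option, CONFLICTS[option]))
    return findings


if __name__ == "__main__":
    for lineno, option, reason in capmode_conflicts(SAMPLE_TORRC):
        print(f"line {lineno}: {option}: {reason}")
```
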


