FS#41670 - [tor] Add further permission restrictions in the systemd service files.

Attached to Project: Community Packages
Opened by Steven (Stebalien) - Saturday, 23 August 2014, 21:18 GMT
Last edited by Lukas Fleischer (lfleischer) - Friday, 09 January 2015, 13:37 GMT
Task Type Feature Request
Category Upstream Bugs
Status Closed
Assigned To Lukas Fleischer (lfleischer)
Architecture All
Severity Very Low
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 0
Private No

Details

Specifically, the following options can be added to further sandbox tor:

ProtectSystem=full # Shouldn't be necessary as tor isn't running as root but doesn't hurt.
ProtectHome=true # Hide user files.
PrivateTmp=true # Hide the shared /tmp
NoNewPrivileges=true # This will prevent tor from doing things like executing SETUID programs.
This task depends upon

Closed by  Lukas Fleischer (lfleischer)
Friday, 09 January 2015, 13:37 GMT
Reason for closing:  Upstream
Comment by Lukas Fleischer (lfleischer) - Sunday, 24 August 2014, 08:48 GMT
The upstream systemd unit [1] already seems to do some of the things you suggested and I think we should use that instead of building our own. If you think that additional hardening options should be added, could you please try to report that upstream?

[1] https://gitweb.torproject.org/tor.git/blob/HEAD:/contrib/dist/tor.service.in
Comment by Steven (Stebalien) - Sunday, 24 August 2014, 16:48 GMT
I agree. I asked upstream to add the NoNewPrivileges flag (https://trac.torproject.org/projects/tor/ticket/12939) and they're already in the process of further restricting file system access (https://trac.torproject.org/projects/tor/ticket/12751)
Comment by Lukas Fleischer (lfleischer) - Tuesday, 26 August 2014, 10:57 GMT
  • Field changed: Category (Packages → Upstream Bugs)
Great, thanks!

Loading...