1. 11 Oct, 2016 6 commits
  2. 09 Oct, 2016 4 commits
  3. 06 Oct, 2016 22 commits
  4. 05 Oct, 2016 5 commits
  5. 04 Oct, 2016 3 commits
    • anonym's avatar
      Leverage AppArmor's in-kernel solution for determining executable paths. · ec31cf6f
      anonym authored
      Using /proc/pid/cmdline is not secure since it can be trivially set
      with, for instance:
      
          exec -a "pwned" sh -c 'cat /proc/$$/cmdline'
      
      The /proc/pid/exe symlink is not good enough for scripts (since it will
      point to the interpreter, not the script) so let's instead use
      AppArmor's in-kernel solution for determining executable paths. We
      fallback to /proc/pid/exe for unconfined processes, which leaves us with
      only unconfined scripts not being supported by tor-controlport-filter.
      However, profiles in complain mode is still good enough, so a trivial
      stub profile in complain mode is enough, which is exactly what we do for
      onionshare and onioncircuits.
      ec31cf6f
    • bertagaz's avatar
      82e9ad4c
    • bertagaz's avatar
      Update 2.7 changelog with last #11846 merge. · 8fdc1e64
      bertagaz authored
      8fdc1e64