Skip to content
GitLab
  • Menu
Projects Groups Snippets
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in / Register
  • T tails
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
  • Issues 920
    • Issues 920
    • List
    • Boards
    • Service Desk
    • Milestones
  • Merge requests 18
    • Merge requests 18
  • CI/CD
    • CI/CD
    • Pipelines
    • Jobs
    • Schedules
  • Deployments
    • Deployments
    • Environments
    • Releases
  • Monitor
    • Monitor
    • Incidents
  • Analytics
    • Analytics
    • Value stream
    • CI/CD
    • Repository
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
Collapse sidebar
  • tails
  • tails
  • Issues
  • #6081
Closed
Open
Created Jul 18, 2013 by import-from-Redmine@import-from-Redmine

Sandbox Tor

Originally created by Tails on #6081 (Redmine)

Tor probably has one the biggest attack surface exposed by Tails to a network attacker. It also knows the IP that’s being used to connect to the Internet. Therefore, anything is welcome to make it harder, for an attacker, to escalate from “Tor exploited” to “whole system under’s attacker control” or deanonymization.

When a container-based solution becomes a viable, secure solution for creating isolated jails, the chroot approach used by the unsafe browser will be easily adaptable to contain Tor.

Alternatively, AppArmor confinement should be considered.

Feature Branch: feature/apparmor

Parent Task: #8004 (closed)

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information
Assignee
Assign to
Time tracking