Skip to content
GitLab
Projects Groups Snippets
  • /
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in / Register
  • T tails
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
  • Issues 974
    • Issues 974
    • List
    • Boards
    • Service Desk
    • Milestones
  • Merge requests 26
    • Merge requests 26
  • CI/CD
    • CI/CD
    • Pipelines
    • Jobs
    • Schedules
  • Deployments
    • Deployments
    • Environments
    • Releases
  • Monitor
    • Monitor
    • Incidents
  • Analytics
    • Analytics
    • Value stream
    • CI/CD
    • Repository
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
Collapse sidebar
  • tails
  • tails
  • Issues
  • #6081
Closed
Open
Issue created Jul 18, 2013 by import-from-Redmine@import-from-Redmine

Sandbox Tor

Originally created by Tails on #6081 (Redmine)

Tor probably has one the biggest attack surface exposed by Tails to a network attacker. It also knows the IP that’s being used to connect to the Internet. Therefore, anything is welcome to make it harder, for an attacker, to escalate from “Tor exploited” to “whole system under’s attacker control” or deanonymization.

When a container-based solution becomes a viable, secure solution for creating isolated jails, the chroot approach used by the unsafe browser will be easily adaptable to contain Tor.

Alternatively, AppArmor confinement should be considered.

Feature Branch: feature/apparmor

Parent Task: #8004 (closed)

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information
Assignee
Assign to
Time tracking