Attaching Nyx (arm) to Tor's control port triggers sandbox
This is what Tor logs before it dies in Tails:
============================================================ T= 1430215250 (Sandbox) Caught a bad syscall attempt (syscall prlimit64) /usr/bin/tor(+0x143019)[0xf76c1019] /lib/i386-linux-gnu/libc.so.6(getrlimit64+0x2d)[0xf7205a6d] /lib/i386-linux-gnu/libc.so.6(getrlimit64+0x2d)[0xf7205a6d] /usr/bin/tor(set_max_file_descriptors+0x4e)[0xf76aa91e]
That was with Tor 0.2.6.7 with bug15482.patch applied (from the
feature/9114-tor-with-bug15482.patch branch), but it also affects
0.2.5.12; looking at Tor’s
syscall indeed isn’t explicitly allowed while in sandbox mode.
Deactivating Tor’s sandboxing (e.g. by running in “bridge mode”) fixes
it. This is a regression since we introduced Tor sandboxing.
I has been reported upstream as Tor bug tails/tails#15211 and I will relay these finding there and then we have to wait for a fix.
- Has duplicate #9447 (closed)