Running Tor Browser Bundle in a sandbox
Daniel J Walsh
dwalsh at redhat.com
Mon Aug 26 14:19:27 UTC 2013
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 08/21/2013 05:47 AM, fedorauser wrote:
> Hi!
>
> since F19 my default browser is 'sandbox -X -t sandbox_web_t firefox %u'
> which makes me feel a little bit more comfortable when browsing the web
> without NoScript enabled.
>
> Now I'd like to also move the Tor Browser Bundle [1] into a sandbox, has
> anyone tried to do that yet?
>
> Besides outgoing connections TBB will also try to open two listeners at
> 127.0.0.1:9150 and 127.0.0.1:9151.
>
> So far a simple test failed:
>
> cd tor-browser_en-US-3.0-alpha-3 sandbox -X -H . -t sandbox_net_t
> ./start-tor-browser Error: Tor Browser exited abnormally. Exit code: 127
>
> Is there another sandbox type (-t) that would be more appropriate for
> this? Does sandbox_net_t allow to open local listeners (9150+9151)?
>
> thanks!
>
>
> [1] https://archive.torproject.org/tor-package-archive/torbrowser/3.0a3/
>
>
> -------------------------------------------------
>
> VFEmail.net - http://www.vfemail.net $14.95 ONETIME Lifetime accounts with
> Privacy Features! 15GB disk! No bandwidth quotas! Commercial and Bulk Mail
> Options! -- selinux mailing list selinux at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/selinux
>
What avc messages are you seeing?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iEYEARECAAYFAlIbY+8ACgkQrlYvE4MpobOs6QCeMiXCFnDjnF9fGn9k6567BJny
hLAAniKtP4+IpyXlvysFywvSN5dNNYsw
=OnWx
-----END PGP SIGNATURE-----
More information about the selinux
mailing list