mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-12-01 08:03:31 +01:00
f9c1ba6493
It's controlled by the new Sandbox argument. Right now, it's rather coarse-grained, it's Linux-only, and it may break some features.
13 lines
688 B
Plaintext
13 lines
688 B
Plaintext
o Major features (security):
|
|
- Use the seccomp2 syscall filtering facility on Linux to limit
|
|
which system calls Tor can invoke. This is an experimental,
|
|
Linux-only feature to provide defense-in-depth against unknown
|
|
attacks. To try turning it on, set "Sandbox 1" in your torrc
|
|
file. This is an experimental feature, however, and some things
|
|
may break, so please be ready to report bugs. We hope to add
|
|
support for better sandboxing in the future,
|
|
including more fine-grained filters, better division of
|
|
responsibility, and support for more platforms. This work has
|
|
been done by Cristian-Matei Toader for Google Summer of Code.
|
|
|