Hello tor-dev,
Apologies for submitting the report later than planned, but I was on holiday towards the end of last week.
I am currently waiting for a code review for the stage 2 of the seccomp filter, which will very likely include a relatively long list of change requests. As a reminder, at the moment there should be one filter which does both syscall and parameter filtering.
As a brief update the following changes were made for the past 2 weeks: - various syscall filter changes for linux 32/64 bit - dealt with issues related to the open syscall, due to the fact that we use path filtering and external dependencies happen to use 'open' with strings unprotected by the filter (libevent, getaddrinfo, openssl) - received feedback and added socket filters, which support parameter filtering only for 64 bits, since on 32 they get multiplexed on one syscall (socketcall) - waiting for review on [1] in public branch [2]
For stage 3, further privileges will be dropped for different sections of code (eg. the worker threads), and the project will support multiple filters.
More details may be found here [1].
Looking forward to some feedback, if you happen to have any!
References: [1] https://trac.torproject.org/projects/tor/ticket/9249 [2] https://github.com/cristiantoader/tor -gsoc-capabilities/tree/gsoc-cap-stage2