[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[tor-talk] Attention Jail afficionados



minijail better than real jail, see:
 https://github.com/omegaup/minijail

"a tiny, custom launcher that handles namespacing, control groups,
chroot'ing..."

forked from https://chromium.googlesource.com/chromiumos/platform/minijail/
documentation http://www.chromium.org/chromium-os/chromiumos-design-docs/system-hardening

---

is anyone using minijail on a distribution other than Arch Linux
without building a new kernel and libcommoncap?  reply on list as this
would be useful reference point.

next question is how you're running Tor in minijail :)
[ if SocksPort, SocksSocket, DNSPort, etc. ... ]

also,
 https://outflux.net/teach-seccomp/
 https://code.google.com/p/chromium/issues/detail?id=401655
 https://lwn.net/Articles/494252/


best regards,
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk