minijail better than real jail, see: https://github.com/omegaup/minijail
"a tiny, custom launcher that handles namespacing, control groups, chroot'ing..." forked from https://chromium.googlesource.com/chromiumos/platform/minijail/ documentation http://www.chromium.org/chromium-os/chromiumos-design-docs/system-hardening --- is anyone using minijail on a distribution other than Arch Linux without building a new kernel and libcommoncap? reply on list as this would be useful reference point. next question is how you're running Tor in minijail :) [ if SocksPort, SocksSocket, DNSPort, etc. ... ] also, https://outflux.net/teach-seccomp/ https://code.google.com/p/chromium/issues/detail?id=401655 https://lwn.net/Articles/494252/ best regards, -- tor-talk mailing list - [email protected] To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
