From f9c1ba6493478d227c202e4d3444283b2c840a6a Mon Sep 17 00:00:00 2001 From: Cristian Toader Date: Mon, 17 Jun 2013 13:07:14 +0300 Subject: Add a basic seccomp2 syscall filter on Linux It's controlled by the new Sandbox argument. Right now, it's rather coarse-grained, it's Linux-only, and it may break some features. --- changes/seccomp2_sandbox | 12 ++++++++++++ 1 file changed, 12 insertions(+) create mode 100644 changes/seccomp2_sandbox (limited to 'changes') diff --git a/changes/seccomp2_sandbox b/changes/seccomp2_sandbox new file mode 100644 index 0000000000..73b3a8d5e4 --- /dev/null +++ b/changes/seccomp2_sandbox @@ -0,0 +1,12 @@ + o Major features (security): + - Use the seccomp2 syscall filtering facility on Linux to limit + which system calls Tor can invoke. This is an experimental, + Linux-only feature to provide defense-in-depth against unknown + attacks. To try turning it on, set "Sandbox 1" in your torrc + file. This is an experimental feature, however, and some things + may break, so please be ready to report bugs. We hope to add + support for better sandboxing in the future, + including more fine-grained filters, better division of + responsibility, and support for more platforms. This work has + been done by Cristian-Matei Toader for Google Summer of Code. + -- cgit v1.2.3-54-g00ecf
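Review bot: the new changes/seccomp2_sandbox entry says the same thing twice: "This is an experimental, Linux-only feature to provide defense-in-depth against unknown attacks." is followed two sentences later by "This is an experimental feature, however, and some things may break, so please be ready to report bugs." Fold them into one sentence, for example "This is an experimental, Linux-only feature that provides defense-in-depth against unknown attacks; some things may break, so please be ready to report bugs." While there, state outright that the filter is disabled by default. The text only implies it with "To try turning it on, set "Sandbox 1" in your torrc file", and a reader of the release notes for a "Major features (security)" item will want to know whether an upgrade changes behaviour without action on their part. The trailing whitespace-only line at the end of the entry (the final "+" line after "Google Summer of Code.") is also unnecessary in a changes file.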