GitLab

I was looking at some of the fantastic fuzzing research from lcamtuf and I made the mistake of looking at the autogenerated test cases:

http://lcamtuf.coredump.cx/afl/demo/gif_im/full/

It locked my machine (on Tails) because the browser began to consume every possible resource. I would consider this a Tails issue as the load was around ~20 after a minute or three but not Tails alone. On the one hand, I think Tails should probably compartmentalize the browser and set reasonable rlimits. On the other hand, why doesn't Tor Browser do that? The fact that the entire machine locked up is clearly a Tails-doesn't-confine-the-browser very-well. The fact that Tor Browser can do that is clearly a Tor Browser doesn't set limits issue. I don't think this is just a matter of "not sandboxing" but rather this is a matter of trying to use every bit of juice a machine has available.

How could we do this on a sane platform? In an ideal world, we can load any page and it should not lock the machine. In an ideal world, we could load any page and it shouldn't even lock the browser for other tabs. The latter is obviously something that comes with sandboxing but only if the whole machine isn't thrashing, right?

Anyway, we may also want to use lcamtuf's awesome fuzzing work to crash Tor Browser in interesting ways.