Skip to content

GitLab

  • Menu
Projects Groups Snippets
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in
  • T Torsocks
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
  • Issues 38
    • Issues 38
    • List
    • Boards
    • Service Desk
    • Milestones
  • Merge requests 1
    • Merge requests 1
  • Deployments
    • Deployments
    • Releases
  • Monitor
    • Monitor
    • Incidents
  • Analytics
    • Analytics
    • Value stream
    • Repository
  • Activity
  • Graph
  • Create a new issue
  • Commits
  • Issue Boards
Collapse sidebar
  • The Tor Project
  • Core
  • Torsocks
  • Issues
  • #17936

Closed
Open
Created Dec 25, 2015 by Arturo Filastò@art

torsocks fails open on Mac OS X 10.11

I am running OSX 10.11 and since the update I just noticed that torsocks is failing to torify connections.

Here are the details of my system:

$ torsocks --version
Torsocks 2.1.0

$ uname -a
Darwin XXX 15.0.0 Darwin Kernel Version 15.0.0: Sat Sep 19 15:53:46 PDT 2015; root:xnu-3247.10.11~1/RELEASE_X86_64 x86_64

$ sw_vers -productVersion
10.11.1

Doing a cursory search into what may be the causes for this problem it seems like a security "feature" introduced in OSX 10.11 is to blame for this behaviour called System Integrity Protection [1]. Looking around there are other people complaining about the fact that DYLD_INSERT_LIBRARIES doesn't work in OSX 10.11 [2]. This stackoverflow article does a nice summary of what can be done and can't be done due to SIP: http://apple.stackexchange.com/questions/193368/what-is-the-rootless-feature-in-el-capitan-really.

I am not sure what can be done to overcome this limitation in the latest version of OSX, but I think that at least torsocks should implement a check for the OSX version and if it's greater than 10.10 it fails closed (without doing the non-torified request).

[1] https://developer.apple.com/library/mac/documentation/Security/Conceptual/System_Integrity_Protection_Guide/Introduction/Introduction.html

[2] https://groups.google.com/a/chromium.org/forum/#!topic/crashpad-dev/MafauT4BHSY

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information
Assignee
Assign to
Time tracking