Enable Secure Computing Mode

Following the implementation of #43 to properly ensure uid/gid privileges dropping and chroot of Tor2web, this ticket is to further improve the security of the daemon by enabling Linux's Secure Computing Mode.
# Secure Computing Mode

Linux Kernel introduced Secure Computing Mode.
After the secure computing mode has been set to True, the only system calls that the thread is permitted to make are read(), write(), _exit(), and sigreturn(). Other system calls result in the delivery of a SIGKILL signal.

It is implemented by  prctl.set_seccomp(mode) with package PRCTL available on http://packages.python.org/python-prctl/
## 


<bountysource-plugin>

---
Want to back this issue? **[Post a bounty on it!](https://www.bountysource.com/issues/14807247-enable-secure-computing-mode?utm_campaign=plugin&utm_content=tracker%2F318575&utm_medium=issues&utm_source=github)** We accept bounties via [Bountysource](https://www.bountysource.com/?utm_campaign=plugin&utm_content=tracker%2F318575&utm_medium=issues&utm_source=github).
</bountysource-plugin>

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

Enable Secure Computing Mode #47

Secure Computing Mode

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Uh oh!

Enable Secure Computing Mode #47

Description

Secure Computing Mode

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions