MacMusic  |  PcMusic  |  440 Software  |  440 Forums  |  440TV  |  Zicos
tor
Search

Oniux: kernel-level Tor isolation for Linux applications

Thursday May 15, 2025. 04:19 PM , from LWN.net
The Tor project has announced
the oniux utility which provides Tor network isolation, using Linux
namespaces, for third-party applications.

Namespaces are a powerful feature that gives us the ability to
isolate Tor network access of an arbitrary application. We put each
application in a network namespace that doesn't provide access to
system-wide network interfaces (such as eth0), and instead provides a
custom network interface onion0.

This allows us to isolate an arbitrary application over Tor in the
most secure way possible software-wise, namely by relying on a
security primitive offered by the operating system kernel. Unlike
SOCKS, the application cannot accidentally leak data by failing to
make some connection via the configured SOCKS, which may happen due to
a mistake by the developer.

The Tor project cautions that oniux is considered experimental as
the software it depends on, such as Arti and
onionmasq,
are still new.
Read more at LWN.net
https://lwn.net/Articles/1021354/

Related News

tor Accessibility on Linux sucks, but GNOME and KDE are making progress OS NewsMay 16
network Your Linux apps could be leaking data -- oniux is built to stop it BetaNewsMay 15
oniux Google Dominates AI Patent Applications SlashdotMay 15
application US Tech Visa Applications Are Being Put Through the Wringer Wired: Tech.May 15
linux Microsoft Is Open-Sourcing Its Linux Integration Services Automation Image-Testing Service SlashdotMay 15
isolation NordVPN Finally Gets a Proper GUI On Linux SlashdotMay 15
applications NordVPN finally gets a proper GUI on Linux BetaNewsMay 14
are Nobara 42 ditches Firefox for Brave while becoming the friendliest Fedora-based Linux distribution ever BetaNewsMay 14
arbitrary Linux removes support for the 486, and now I’m curious what that means for Vortex86 processors OS NewsMay 13
socks Ominous sea level report card for most U.S. coastal communities BoingBoingMay 12
access How to build (real) cloud-native applications InfoWorldMay 12
kernel-level Kernel prepatch 6.15-rc6 LWN.netMay 12
namespaces Life of a Marathon Streamer: Online for Three Years, Facing Isolation and Burnout SlashdotMay 11
which Xtool: cross-platform Xcode replacement for Linux, Windows, and macOS OS NewsMay 10
provides [$] A kernel developer plays with Home Assistant: general impressions LWN.netMay 9
tor Google requires Android applications on Google Play to support 16 KB page sizes OS NewsMay 9
network Linux Drops Support For 486 and Early Pentium Processors SlashdotMay 8
oniux Maintainer of Linux Distro AnduinOS Revealed to Be Microsoft Employee SlashdotMay 8
application Linux Mint 22.2 and LMDE 7 codenames revealed BetaNewsMay 8
linux Forget CCleaner -- BleachBit 5.0 is here to remove junk, broken files and bloat from Windows 10/11 and Linux BetaNewsMay 8
News copyright owned by their original publishers | Copyright © 2004 - 2025 Zicos / 440Network
Current Date
May, Fri 16 - 03:47 CEST