[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #9445 [Tor Launcher]: Tor Launcher should be more relaxed about bridge line input



#9445: Tor Launcher should be more relaxed about bridge line input
---------------------------------------------------+------------------------
 Reporter:  bastik                                 |          Owner:  brade
     Type:  task                                   |         Status:  new  
 Priority:  major                                  |      Milestone:       
Component:  Tor Launcher                           |        Version:       
 Keywords:  tbb-3.0-stable-blocker, tbb-usability  |         Parent:  #9444
   Points:                                         |   Actualpoints:       
---------------------------------------------------+------------------------

Comment(by sysrqb):

 Replying to [comment:10 mikeperry]:
 > As I said in #9156, I think the most sane way forward here is to check
 to see if 'bridge ' is present at the beginning of the line, and if yes,
 accept it, otherwise prepend 'bridge ' to it and shove it into
 SETCONF+SAVECONF/torrc, and let Tor decide if it is actually valid with
 respect to the PT schemes installed or not. That way we can support both
 formats in Tor Launcher.
 >
 This will be a good way to do it because users may try to reuse the
 bridges they added in Vidalia, and the settings menu in Vidalia does not
 display the 'Bridge' keyword, so they will likely not include it.

 > Are there any code exec-level dangers to pasting arbitrary bridge lines
 with the current PT scheme?
 At present, all argument validation is (supposed to be) handled by the PT.
 Tor Launcher can probably perform some validation of the basic syntax, but
 it's not expected to do so for the optional arglist (which becomes a deep,
 dark hole). None of the fully-implemented PTs use the optional arglist, so
 there isn't a way to pass any kind of executable string to them. However,
 this is possible, but any implemented PT that relies on external args for
 execing will need extensive validation checks - something I don't think
 Tor Launcher should be expected to implement.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/9445#comment:11>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs