[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #523 [Torbutton]: New Identity Button and Timer

To: undisclosed-recipients:;
Subject: Re: [tor-bugs] #523 [Torbutton]: New Identity Button and Timer
From: "Tor Bug Tracker & Wiki" <torproject-admin@xxxxxxxxxxxxxx>
Date: Fri, 18 Feb 2011 23:44:58 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 18 Feb 2011 18:45:08 -0500
In-reply-to: <049.3cc7ba28224f3d2180e6b612d9b81b5f@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: Tor bugs reporting list for trac <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <049.3cc7ba28224f3d2180e6b612d9b81b5f@xxxxxxxxxxxxxx>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx

#523: New Identity Button and Timer
----------------------------+-----------------------------------------------
    Reporter:  mikeperry    |       Owner:  koryk   
        Type:  enhancement  |      Status:  assigned
    Priority:  major        |   Milestone:  1.4     
   Component:  Torbutton    |     Version:  1.1     
  Resolution:  None         |    Keywords:          
      Parent:               |      Points:          
Actualpoints:               |  
----------------------------+-----------------------------------------------

Comment(by mikeperry):

 Replying to [comment:11 arma]:
 > Replying to [comment:10 mikeperry]:
 > > For Tor Browser Bundle, doing a New Identity Button is actually much
 easier, because Vidalia now launches both Tor and Firefox. It passes a
 control port password to Tor via the command line. It can pass this same
 password to Torbutton via an environment variable. This way, Torbutton can
 connect to Tor's control port to send the SIGNAL NEWNYM itself.
 >
 > What level of Firefox (or extension) vulnerability would be sufficient
 to break into and reconfigure your Tor, in this case?

 A vulnerability that enables the full reconfiguration of Tor from Firefox
 using this password would also allow arbitrary code execution as the
 Firefox user.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/523#comment:12>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Prev by Author: Re: [tor-bugs] #523 [Torbutton]: New Identity Button and Timer
Next by Author: [tor-bugs] #2582 [Tor Client]: Bridge Routers Broken on MAC OSX 10.6.6
Previous by thread: Re: [tor-bugs] #523 [Torbutton]: New Identity Button and Timer
Next by thread: Re: [tor-bugs] #523 [Torbutton]: New Identity Button and Timer
Index(es):
- Author
- Thread