[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #10468 [Tor]: Make DnsPort, IPv6, and AutomapHostsOnResolve work tother.



#10468: Make DnsPort, IPv6, and AutomapHostsOnResolve work tother.
-------------------------+-------------------------------------------------
     Reporter:  nickm    |      Owner:
         Type:  defect   |     Status:  new
     Priority:  major    |  Milestone:  Tor: 0.2.5.x-final
    Component:  Tor      |    Version:
   Resolution:           |   Keywords:  tor-client 024-backport automap dns
Actual Points:           |  ipv6
       Points:           |  Parent ID:
-------------------------+-------------------------------------------------
Changes (by cypherpunks):

 * priority:  normal => major


Comment:

 This may be a security-sensitive bug, as various client resolver libraries
 may log invalid responses such as this. Information about DNS queries
 being done by the client, then, leak into the client's system log. As
 such, this should probably be fixed sooner.

 For instance FreeBSD generates log messages such as:

 {{{
 Jan 23 05:18:25 host curl: gethostby*.getanswer: asked for "ifconfig.me IN
 AAAA", got type "A"
 Jan 23 05:18:43 host wget: gethostby*.getanswer: asked for "ifconfig.me IN
 AAAA", got type "A"
 }}}

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/10468#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs