[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #3940 [Tor Client]: Allow MapAddress .exit even if AllowDotExit is 0



#3940: Allow MapAddress .exit even if AllowDotExit is 0
------------------------+---------------------------------------------------
 Reporter:  sjmurdoch   |          Owner:                    
     Type:  defect      |         Status:  needs_review      
 Priority:  major       |      Milestone:  Tor: 0.2.3.x-final
Component:  Tor Client  |        Version:  Tor: 0.2.2.32     
 Keywords:  regression  |         Parent:                    
   Points:              |   Actualpoints:                    
------------------------+---------------------------------------------------

Comment(by arma):

 Replying to [comment:7 nickm]:
 > Probably fix in branch bug3940_022 in my public repository.

 Looks fine I think. Bonus points if somebody has tested it. :)

 > Should there be an additional option that says "not even in MapAddress"?
 Maybe.

 I'd say no. It's a pretty esoteric use. "Don't set a torrc option you
 didn't want to set" is probably better advice than adding more code to
 Tor. The goal of AllowDotExit was to protect us against remote hosts that
 can make us ask our socks port for new destinations. There's no analog to
 that with MapAddress.

 > Should there be more documentation that says that AllowDotExit 0 doesn't
 apply to TrackHostExits and MapAddress?  Yes, I think so.

 Yes.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/3940#comment:8>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs