[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #15220 [Tor]: Allow SocksSockets writable by arbitrary user

Subject: Re: [tor-bugs] #15220 [Tor]: Allow SocksSockets writable by arbitrary user
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Tue, 10 Mar 2015 21:13:15 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 10 Mar 2015 17:13:22 -0400
In-reply-to: <046.4c6c963f3b7c13486c8ecf9783e98731@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <046.4c6c963f3b7c13486c8ecf9783e98731@xxxxxxxxxxxxxx>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#15220: Allow SocksSockets writable by arbitrary user
-----------------------------+-----------------
     Reporter:  sysrqb       |      Owner:
         Type:  enhancement  |     Status:  new
     Priority:  normal       |  Milestone:
    Component:  Tor          |    Version:
   Resolution:               |   Keywords:
Actual Points:               |  Parent ID:
       Points:               |
-----------------------------+-----------------
Changes (by sysrqb):

 * cc: ioerror, andrea, dgoulet, yawning, nickm (added)


Comment:

 This issue doesn't affect the Tor Browser use-case, or the situation where
 the user is a member of the tor group (or is the tor user), but in most
 other cases this is a serious usability problem. So, do we leave this
 (mostly) useless in 0.2.6 and fix this in 0.2.7? Or, do we tweak the
 implementation and make it usable in 0.2.6 and then finish fixing it in
 0.2.7?

 In this specific case, I dont seem the harm of defaulting the unix socket
 to 0666, the INET SocksPort is no different (unless restricted by a
 firewall or somesuch). This also negates the use of
 SocksSocketsGroupWritable. But now that we're in the freeze, it seems too
 late for us to start changing config option behavior. Thoughts?

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/15220#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

References:
- [tor-bugs] #15220 [Tor]: Allow SocksSockets writable by arbitrary user
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #15220 [Tor]: Allow SocksSockets writable by arbitrary user
Next by Author: Re: [tor-bugs] #15213 [Pluggable transport]: DNS tunneling transport (like iodine, dnscat)
Previous by thread: Re: [tor-bugs] #15220 [Tor]: Allow SocksSockets writable by arbitrary user
Next by thread: Re: [tor-bugs] #15220 [Tor]: Allow SocksSockets writable by arbitrary user
Index(es):
- Author
- Thread