[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[or-cvs] [tor/master] changelog and spec changes for the .exit fix
Author: Roger Dingledine <arma@xxxxxxxxxxxxxx>
Date: Wed, 26 Aug 2009 15:43:18 -0400
Subject: changelog and spec changes for the .exit fix
Commit: b7e8a4631fecc3b3e241780bf1d735683562fd97
---
ChangeLog | 6 ++++++
doc/spec/address-spec.txt | 5 ++++-
2 files changed, 10 insertions(+), 1 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 0a85857..a3d76ca 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,4 +1,10 @@
Changes in version 0.2.2.1-alpha - 2009-08-26
+ o Security fixes:
+ - Start the process of disabling ".exit" address notation, since it
+ can be used for a variety of esoteric application-level attacks
+ on users. To reenable it, set "AllowDotExit 1" in your torrc. Fix
+ on 0.0.9rc5.
+
o New directory authorities:
- Set up urras (run by Jacob Appelbaum) as the seventh v3 directory
authority.
diff --git a/doc/spec/address-spec.txt b/doc/spec/address-spec.txt
index fdae9b8..2e1aff2 100644
--- a/doc/spec/address-spec.txt
+++ b/doc/spec/address-spec.txt
@@ -33,10 +33,13 @@
"www.google.com.foo.exit=64.233.161.99.foo.exit" to speed subsequent
lookups.
+ The .exit notation is disabled by default as of Tor 0.2.2.1-alpha, due
+ to potential application-level attacks.
+
EXAMPLES:
www.example.com.exampletornode.exit
- Connect to www.example.com from the node called "exampletornode."
+ Connect to www.example.com from the node called "exampletornode".
exampletornode.exit
--
1.5.6.5