[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-bugs] #16617 [Tor Browser]: Potential security hole du to cache policy

Subject: [tor-bugs] #16617 [Tor Browser]: Potential security hole du to cache policy
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Mon, 20 Jul 2015 19:50:48 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 20 Jul 2015 15:50:58 -0400
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#16617: Potential security hole du to cache policy
-------------------------+----------------------------------
 Reporter:  gojul        |          Owner:  tbb-team
     Type:  defect       |         Status:  new
 Priority:  normal       |      Milestone:  Tor: unspecified
Component:  Tor Browser  |        Version:  Tor: unspecified
 Keywords:               |  Actual Points:
Parent ID:               |         Points:
-------------------------+----------------------------------
 Hi,

 I've remarked that Tor browser on-disk cache is actually set to the
 default, i.e. 1024 MB of storage on hard drive. Such an information could
 be actually used to leak information about which web pages were actually
 opened by the user. Setting this hard disk cache by default to zero would
 actually solve the issue, and displaying a warning if this setting is
 altered would also be fine.

 Rgds,

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/16617>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Follow-Ups:
- Re: [tor-bugs] #16617 [Tor Browser]: Potential security hole du to cache policy
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #16617 [Tor Browser]: Potential security hole du to cache policy
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #16617 [Tor Browser]: Potential security hole du to cache policy
  - From: Tor Bug Tracker & Wiki

Prev by Author: [tor-bugs] [Tor Bug Tracker & Wiki] Batch modify: #16495, #12975, #14952, #15646, #15703, #16528, #16005, #16311, #16312, #16327
Next by Author: Re: [tor-bugs] #16523 [Tor Browser]: Browser/Chrome Javascript Debugger Broken in 5.0a3
Previous by thread: [tor-bugs] [Tor Bug Tracker & Wiki] Batch modify: #16495, #12975, #14952, #15646, #15703, #16528, #16005, #16311, #16312, #16327
Next by thread: Re: [tor-bugs] #16617 [Tor Browser]: Potential security hole du to cache policy
Index(es):
- Author
- Thread