[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] new relay package for Ubuntu 16.04+

To: tor-relays@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-relays] new relay package for Ubuntu 16.04+
From: Sean Greenslade <sean@xxxxxxxxxxxxxxxxxx>
Date: Wed, 24 Aug 2016 12:38:15 -0400
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 24 Aug 2016 12:38:33 -0400
Dkim-filter: OpenDKIM Filter v2.10.3 cartman.routify.me C184D82C92
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=seangreenslade.com; s=default; t=1472056697; bh=tSNH9tmI4mucWVT2IYXAmc1aQNbTLIWCpuPVlz5OG7Q=; h=Date:From:To:Subject:References:In-Reply-To:From; b=RquSQNOfZSeD/fVqjq8WXjhsg7SU91WdXa45KVg90nZFRP3Ip+9ZHswsrSg/SPPiV 4p8B/TKBct1tGqdSPBNg5Ho/dqfzo7G9jIBIgyGWcfMQ5qKzIrKMWAcaBgtn3dj+4+ +3G645tnhZGTGeZHMMf2/RA3njKO2wl6VvCED/yw=
In-reply-to: <1472052823.4054596.704868585.073B695A@webmail.messagingengine.com>
List-archive: <http://lists.torproject.org/pipermail/tor-relays/>
List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>
List-id: "support and questions about running Tor relays \(exit, non-exit, bridge\)" <tor-relays.lists.torproject.org>
List-post: <mailto:tor-relays@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>
References: <20160824134756.GA11880@vetinari> <1737914.V4fOfg5cYy@home> <1472052823.4054596.704868585.073B695A@webmail.messagingengine.com>
Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-relays" <tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx>

On Wed, Aug 24, 2016 at 05:33:43PM +0200, Jan Vidar Krey wrote:
> On Wed, Aug 24, 2016, at 16:43, Aeris wrote:
> > > 2) security is better
> > 
> > Sorry to say that, but : no. It’s very weaker than plain old Debian
> > package.
> > 
> 
> This is a matter of perspective on the "security" definition.
> 
> The snaps does run in a separate container group, so it does have
> some more layers of isolation to the rest of the system.
> This means it is probably better to install an untrusted snap
> than adding another untrusted APT source repository for your
> system.

That's great, except you _really_ shouldn't be installing an untrusted
_anything_ on your system, much less an untrusted tor package. And
implying that this system magically makes untrusted things safe and
suitable for install on a working machine is in my opinion a terrible
precedent to set. A malicious tor install can do plenty of harm even if
it was fully isolated from the rest of the machine.

If something is untrusted, don't install it. Period.

--Sean

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Follow-Ups:
- Re: [tor-relays] new relay package for Ubuntu 16.04+
  - From: Aeris

References:
- [tor-relays] new relay package for Ubuntu 16.04+
  - From: Chad MILLER
- Re: [tor-relays] new relay package for Ubuntu 16.04+
  - From: Aeris
- Re: [tor-relays] new relay package for Ubuntu 16.04+
  - From: Jan Vidar Krey

Prev by Author: Re: [tor-relays] Pi3 mid relay dropping lil bit of packets
Next by Author: Re: [tor-relays] Accounting and the 'Stable' flag
Previous by thread: Re: [tor-relays] new relay package for Ubuntu 16.04+
Next by thread: Re: [tor-relays] new relay package for Ubuntu 16.04+
Index(es):
- Author
- Thread