[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #1090 [Tor Client]: Warning about using an excluded node for exit



#1090: Warning about using an excluded node for exit
---------------------------+------------------------------------------------
    Reporter:  Sebastian   |       Owner:  nickm             
        Type:  defect      |      Status:  needs_review      
    Priority:  major       |   Milestone:  Tor: 0.2.2.x-final
   Component:  Tor Client  |     Version:  0.2.1.19          
  Resolution:  None        |    Keywords:                    
      Parent:              |      Points:                    
Actualpoints:              |  
---------------------------+------------------------------------------------

Comment(by Sebastian):

 reviewed all new commits, have a tiny grammar patch in my 1090-part1
 branch.

 {{{
     /* XXXX022-1090 Should we also allow foo.bar.exit if ExitNodes is set
 and
        Bar is not listed in it?  I say yes, but our revised manpage branch
        implies no. */
 }}}

 I think yes is the answer here. .exit is disabled by default, so (IMO) we
 don't have to worry about people doing attacks here anymore, and anyone
 enabling the feature asked for it. If I understand correctly, this means
 that we can also use mapaddress to map an otherwise excluded relay for use
 with one particular host, which might be valuable for some people too.


 Replying to [comment:47 nickm]:
 > I'm confused about the XXX022-1090 comment on
 connection_ap_can_use_exit: what is the actual bug here?

 This was added in c85eb64cdc982. Judging from the commit msg, arma only
 added it because it is a place where we look at strictnodes and exits; I
 don't spot an issue with it either.

 For the last remaining 1090 XXX, I rewrote the using anyway log message
 and added a new LD_BUG message that triggers if we're using a node that is
 excluded and StrictNodes is set. I think this should now never happen, so
 we should learn about it.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/1090#comment:48>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs