[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #1090 [Tor Client]: Warning about using an excluded node for exit
#1090: Warning about using an excluded node for exit
---------------------------+------------------------------------------------
Reporter: Sebastian | Owner: nickm
Type: defect | Status: needs_review
Priority: major | Milestone: Tor: 0.2.2.x-final
Component: Tor Client | Version: 0.2.1.19
Resolution: None | Keywords:
Parent: | Points:
Actualpoints: |
---------------------------+------------------------------------------------
Comment(by Sebastian):
reviewed all new commits, have a tiny grammar patch in my 1090-part1
branch.
{{{
/* XXXX022-1090 Should we also allow foo.bar.exit if ExitNodes is set
and
Bar is not listed in it? I say yes, but our revised manpage branch
implies no. */
}}}
I think yes is the answer here. .exit is disabled by default, so (IMO) we
don't have to worry about people doing attacks here anymore, and anyone
enabling the feature asked for it. If I understand correctly, this means
that we can also use mapaddress to map an otherwise excluded relay for use
with one particular host, which might be valuable for some people too.
Replying to [comment:47 nickm]:
> I'm confused about the XXX022-1090 comment on
connection_ap_can_use_exit: what is the actual bug here?
This was added in c85eb64cdc982. Judging from the commit msg, arma only
added it because it is a place where we look at strictnodes and exits; I
don't spot an issue with it either.
For the last remaining 1090 XXX, I rewrote the using anyway log message
and added a new LD_BUG message that triggers if we're using a node that is
excluded and StrictNodes is set. I think this should now never happen, so
we should learn about it.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/1090#comment:48>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs