[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #33123 [Applications/GetTor]: Update GetTor's rate limiting

To: undisclosed-recipients: ;
Subject: Re: [tor-bugs] #33123 [Applications/GetTor]: Update GetTor's rate limiting
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Fri, 31 Jan 2020 22:13:54 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 31 Jan 2020 17:14:06 -0500
In-reply-to: <046.c87a5806eb1d81076acf6c1fb6e28905@torproject.org>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <046.c87a5806eb1d81076acf6c1fb6e28905@torproject.org>
Reply-to: no-reply@xxxxxxxxxxxxxx, blackhole@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#33123: Update GetTor's rate limiting
---------------------------------+--------------------------
 Reporter:  cohosh               |          Owner:  cohosh
     Type:  defect               |         Status:  assigned
 Priority:  Medium               |      Milestone:
Component:  Applications/GetTor  |        Version:
 Severity:  Normal               |     Resolution:
 Keywords:                       |  Actual Points:
Parent ID:                       |         Points:  2
 Reviewer:                       |        Sponsor:
---------------------------------+--------------------------
Changes (by cohosh):

 * owner:  (none) => cohosh
 * status:  new => assigned


Comment:

 Okay, it seems like this was originally intended to be an actual rate
 limit, where the function `get_num_requests` was supposed to pull from the
 database requests that were in progress from the same email address. The
 way it's implemented now, requests are not removed from the table when
 they are completed. Instead, the status is updated from `ONHOLD` to
 `SENT`.

 There's no reason to keep these entries around, especially since we have a
 separate table for statistics. I also don't feel good about keeping
 records of individual requests, even if the email addresses are hashed.
 Emails draw from a low entropy tool and subsequent requests from the same
 account are linkable.

 I '''think''' just deleting requests once they are handled will fix this.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/33123#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

References:
- [tor-bugs] #33123 [Applications/GetTor]: Update GetTor's rate limiting
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #32962 [Core Tor/Tor]: add_c_file: bug when adding to end of include.am
Next by Author: Re: [tor-bugs] #20218 [Core Tor/Tor]: Fix and refactor and redocument routerstatus_has_changed
Previous by thread: [tor-bugs] #33123 [Applications/GetTor]: Update GetTor's rate limiting
Next by thread: Re: [tor-bugs] #33123 [Applications/GetTor]: Update GetTor's rate limiting
Index(es):
- Author
- Thread