[tor-bugs] #22976 [Core Tor/Tor]: disallow tor exec'ing
#22976: disallow tor exec'ing
------------------------------+-----------------
Reporter: dawuud | Owner:
Type: defect | Status: new
Priority: Medium | Milestone:
Component: Core Tor/Tor | Version:
Severity: Normal | Keywords:
Actual Points: | Parent ID:
Points: | Reviewer:
Sponsor: |
------------------------------+-----------------
Hello from PETS2017. I recently chatted with Nick Mathewson who suggested
that it would be very easy to patch tor such that exec'ing programs could
optionally be disallowed. Currently there are three torrc config options
that can cause tor to exec:
1. PortForwardingHelper
2. ClientTransportPlugin
3. ServerTransportPlugin
Of course these can be used via the control port which is precisely why it
was important to the Subgraph OS project to have a decent Tor control port
filter; we were mainly concerned with preventing sandbox escapes. I wrote
Roflcoptor for this purpose:
https://github.com/subgraph/roflcoptor
A few other projects have also written their own Tor control port filter
daemons. I will not list them here. Even with this feature addition to
tor, these Tor control port filter daemons will still be useful for
limiting the authority delegated by access to the tor control port.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/22976>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
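
The following is an added example, not code from the ticket, from tor, or from Roflcoptor. It sketches the check a control port filter could apply to keep clients from setting the three exec-capable options named in the ticket. The function names, the sample commands and the obfs4proxy path are constructed for illustration. Treating any prefix of an option name as a match is a conservative choice, on the assumption that tor may accept abbreviated option names.

```python
import shlex

# Option names the ticket lists as able to make tor exec a program.
# Compared lowercased, since torrc option names are case-insensitive.
EXEC_OPTIONS = ("portforwardinghelper", "clienttransportplugin",
                "servertransportplugin")


def option_names(command):
    """Yield the config option names one control-port command would touch.

    `command` is the full command text; for +LOADCONF it includes the
    data lines that follow the first line.
    """
    first, _, body = command.partition("\n")
    verb, _, args = first.strip().partition(" ")
    verb = verb.lstrip("+").upper()
    if verb in ("SETCONF", "RESETCONF"):
        # Arguments are `keyword` or `keyword=value`; values may be quoted.
        for token in shlex.split(args):
            yield token.partition("=")[0].lower()
    elif verb == "LOADCONF":
        # Body is torrc text: "Option value" per line, '#' starts a comment.
        for line in body.splitlines():
            line = line.strip()
            if line and line != "." and not line.startswith("#"):
                yield line.split(None, 1)[0].lstrip("+/").lower()


def allow(command):
    """Return False if the command could set an exec-capable option."""
    try:
        names = list(option_names(command))
    except ValueError:
        return False  # unbalanced quotes: fail closed rather than guess
    for name in names:
        # Prefix match is deliberate (see the assumption in the lead-in).
        if name and any(opt.startswith(name) for opt in EXEC_OPTIONS):
            return False
    return True


if __name__ == "__main__":
    # Constructed sample commands, not captured traffic.
    for cmd in ("GETINFO version",
                "SETCONF SocksPort=9150",
                'SETCONF ClientTransportPlugin="obfs4 exec /usr/bin/obfs4proxy"',
                "+LOADCONF\r\nServerTransportPlugin obfs4 exec /usr/bin/obfs4proxy\r\n."):
        print("ALLOW" if allow(cmd) else "DENY ", repr(cmd))
```

A deny-list like this only covers the options known today; a filter that allows a fixed set of commands and options is the stricter design.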