[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-dev] Proposal xxx: Safe cookie authentication
> I don't know whether that would be acceptable to controller authors
> and users.
I'm fine with a couple things...
* adding a tor provided blacklist
* adding a tor provided whitelist *if* Tor itself fails to start when
the torrc has an CookieAuthFile outside of that list and all versions
which allow for non-whitelisted files are flagged as obsolete
It would cause confusion for users to be able to define any arbitrary
cookie path in Tor, then have some controllers provide buggy looking
behavior by failing to authenticate.
As mentioned in irc this Safe Cookie proposal should also include the
deprecation of the current CookieAuthentication option. Otherwise a
malicious socket could simply claim to only support non-safe cookie
authentication to still trick controllers into divulging the cookie.
Users could tell their controller to only allow safe cookie auth but
in practice users, of course, won't do that.
Cheers! -Damian
_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev