[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Lock Control Port



On Saturday 13 October 2007 21:27:01 Roger Dingledine wrote:
> On Sat, Oct 13, 2007 at 10:50:16AM +0100, Robert Hogan wrote:
> > While we're all still 'getting there', controllers could have the option
> > of locking the control port if no auth mechanism is enabled, and even
> > when it is. Given that users tend not to share installations and most run
> > their controller concurrently with tor at all times this would be a
> > useful fallback measure.
>
> Why not have your controller enable authentication when it connects and
> doesn't like what it finds? If you want, you can then disable it when
> you disconnect.
>
> This approach would seem to have all the same properties of your
> lock/unlock without any new commands or code.
>

Duh. Don't know where I was going with that one.

Attachment: signature.asc
Description: This is a digitally signed message part.