[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] CPAProxy - a thin Objective-C wrapper around Tor



Claudiu-Vlad Ursache:
> - CPAProxy sets up Tor's DataDir in a temporary directory of an app's
> sandbox where it's not accessible by other processes. Should that directory
> be protected in any other way?

Having DataDir temporary means that the client will pick new guards
everytime it starts. This opens the door to more traffic correlation
attacks. See the relevant FAQ for more details about entry
guards: <https://www.torproject.org/docs/faq.html.en#EntryGuards>

-- 
Lunar                                             <lunar@xxxxxxxxxxxxxx>

Attachment: signature.asc
Description: Digital signature

_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev