[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: ACLs null on NT

To: or-talk@xxxxxxxxxxxxx
Subject: Re: ACLs null on NT
From: Nick Mathewson <nickm@xxxxxxxxxxxxx>
Date: Tue, 8 Aug 2006 17:59:09 -0400
Delivered-to: archiver@seul.org
Delivered-to: or-talk-outgoing@seul.org
Delivered-to: or-talk@seul.org
Delivery-date: Tue, 08 Aug 2006 17:59:25 -0400
In-reply-to: <44D7AF1F.8030601@gmail.com>
Mail-followup-to: Nick Mathewson <nickm@xxxxxxxxxxxxx>, or-talk@xxxxxxxxxxxxx
References: <44D7AF1F.8030601@gmail.com>
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx
User-agent: Mutt/1.4.2.1i

On Mon, Aug 07, 2006 at 02:22:39PM -0700, Lee Fisher wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> Hi,

> I'm new here, I'm reviewing the code and spec, trying to find out more
> about bug 98 (WindowsBufferProblems wiki page).  Here is an unrelated
> observation, constructive feedback about how to improve security for Tor
> on NT a little.
>

Hi, Lee!  This looks like good research.  There's one big problem,
though: our windows skills are weak.  We'll either need a patch for
this stuff, or more specific instructions about what exactly to do, or
this could take a very long time to fix.

> I notice that NULL ACLs are being used.  Libevent's win32-code/misc.c's
> socketpair() calls CreateNamedPipe()
 [...]

I'll pass this on to the libevent list.

-- 
Nick Mathewson

Attachment: pgpT3QucMPuy6.pgp
Description: PGP signature

Follow-Ups:
- Re: ACLs null on NT
  - From: Lee Fisher

References:
- ACLs null on NT
  - From: Lee Fisher

Prev by Author: Re: Abusing Root-CA attack on tor
Next by Author: Re: Can governments block tor?
Previous by thread: ACLs null on NT
Next by thread: Re: ACLs null on NT
Index(es):
- Author
- Thread