[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: ACLs null on NT



On Mon, Aug 07, 2006 at 02:22:39PM -0700, Lee Fisher wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> Hi,
 
> I'm new here, I'm reviewing the code and spec, trying to find out more
> about bug 98 (WindowsBufferProblems wiki page).  Here is an unrelated
> observation, constructive feedback about how to improve security for Tor
> on NT a little.
>

Hi, Lee!  This looks like good research.  There's one big problem,
though: our windows skills are weak.  We'll either need a patch for
this stuff, or more specific instructions about what exactly to do, or
this could take a very long time to fix.

> I notice that NULL ACLs are being used.  Libevent's win32-code/misc.c's
> socketpair() calls CreateNamedPipe()
 [...]

I'll pass this on to the libevent list.

-- 
Nick Mathewson

Attachment: pgpT3QucMPuy6.pgp
Description: PGP signature