[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-talk] Tor already running
On 8/24/12, adrelanos <adrelanos@xxxxxxxxxx> wrote:
> Robert Ransom:
>> On 8/24/12, Aaron Paden <aaronbpaden@xxxxxxxxx> wrote:
>>> So I'm not an expert in shell or anything. I know there are a lot of
>>> gotchas. It seems like it should be possible, though. Is there something
>>> wrong with using pgrep or something?
>>
>> Several things:
>>
>> * pgrep isn't POSIX, and it isn't in GNU coreutils (as of version
>> 8.13), so it probably won't exist on someone's Linux system.
>
> That's a really esoteric thing. Any half recent Linux system will have
> it installed?
POSIX is not esoteric. But there is a pgrep in the âprocpsâ package,
which contains the POSIX-required ps command, and FreeBSD ships with a
pgrep, so pgrep should be available everywhere TBB for Linux can be
run anyway.
> If not, in long run there will (hopefully) be packages and TBB should
> depend on pgrep (if decided to use it).
No. If the Tor Browser is packaged properly for a Linux distribution,
it will be configured to use a system-wide Tor instance, and it won't
use any of the startup crap that TBB includes.
> If Mike wants to fulfill the esoteric requirement to POSIX and coreutils
> pre 8.13 compatible, the script could test if pgrep exists and leave
> them with the current behavior.
I assumed that if pgrep were ubiquitous on Linux systems, it would be
in coreutils (bad assumption), so I looked there. I only stated the
version of coreutils that I checked because I didn't want to go hunt
for the most recent version of coreutils.
>> * pgrep only indicates that there is some process named âtorâ (or
>> âvidaliaâ) running, not that the specific Tor or Vidalia shipped in
>> TBB is running.
>
> I fail to see the problem? Please elaborate. Tor Browser should also be
> compatible with system wide installed Tor/Vidalia. (i.e. apt-get install
> tor vidalia)
No. TBB is intended to not interact with a system-wide Tor instance in any way.
>> * There is currently no way for any program not started by TBB-Vidalia
>> to determine which ports TBB-Tor is listening on, and there is no way
>> for any such program to determine what control-port password Torbutton
>> will need in order to send TBB-Tor a âSIGNAL NEWNYMâ command (required
>> for the âNew Identityâ command to work). (See also
>> https://bugs.torproject.org/6609 .)
>
> What's the suggested solution here? Why not write those data into a file
> or environment variable?
TBB-Vidalia does write all of that information into environment
variables, which is why only programs which it starts have easy access
to it. The control-port password will never be written to a file
because any attacker who can authenticate to a Tor instance's control
port can completely destroy its user's anonymity.
Robert Ransom
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk