[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-talk] Why does tor control port 9051 allow empty authentication?

To: Tor Talk List <tor-talk@xxxxxxxxxxxxxxxxxxxx>
Subject: [tor-talk] Why does tor control port 9051 allow empty authentication?
From: Yuri <yuri@xxxxxxxxx>
Date: Fri, 18 Aug 2017 12:45:17 -0700
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 18 Aug 2017 15:45:38 -0400
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:52.0) Gecko/20100101 Thunderbird/52.2.1

This confuses me:


$ telnet localhost 9051
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
authenticate
250 OK


Isn't it supposed to require either auth-cookie or hashed password?

Where is authentication policy described?


Yuri


--
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] Why does tor control port 9051 allow empty authentication?
  - From: Damian Johnson

Prev by Author: Re: [tor-talk] MTor (multicast tor), is it going to be released?
Next by Author: [tor-talk] MTor (multicast tor), is it going to be released?
Previous by thread: Re: [tor-talk] Tails prevents MAC changes as design feature
Next by thread: Re: [tor-talk] Why does tor control port 9051 allow empty authentication?
Index(es):
- Author
- Thread