[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: How to set time.
- To: or-talk@xxxxxxxxxxxxx
- Subject: Re: How to set time.
- From: Watson Ladd <watsonbladd@xxxxxxxxx>
- Date: Thu, 23 Jul 2009 12:26:52 -0400
- Delivered-to: archiver@xxxxxxxx
- Delivered-to: or-talk-outgoing@xxxxxxxx
- Delivered-to: or-talk@xxxxxxxx
- Delivery-date: Thu, 23 Jul 2009 12:27:13 -0400
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from :user-agent:mime-version:to:subject:references:in-reply-to :x-enigmail-version:content-type; bh=AYlxlc5iSBIn24Ye4vPRak11f/wmtpc8m0A6pujrU1o=; b=dMlZwKx9qy6JUKvR+irguFueO0IulAL9vRwXp7uN2zX4eDFS9IEV0IeCyhlUjDPQDD AG8nhmO+4IdcOBHM12lwK6AzkxpJ3yVpO8cHPU4ux8l3W8MkVN043D7o0zw4GKiOfx+6 5GuOOwsrXXAedFmntYQPfQzwCX7A9OPP+2i3s=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:subject:references :in-reply-to:x-enigmail-version:content-type; b=rmxsPUQavv0EH41dUpIYg5rqBw1ch3SSp3jjbve2g2HHiFDypfsHLeAFsWa2AQXRaQ YMqbMtrdH2OAWQLT2F3ddpQVlQsyjBSEyxoSAK7bguiCYwZ0Di5D3TxQoOQciw4QkPm9 Gsvx80WMPMzk75aBUQgyKJA5F/yra7Y3fy7Xs=
- In-reply-to: <4A6889E4.9020606@xxxxxxx>
- References: <200907230656.n6N6uMxl013166@xxxxxxxxxxxxx> <4A6889E4.9020606@xxxxxxx>
- Reply-to: or-talk@xxxxxxxxxxxxx
- Sender: owner-or-talk@xxxxxxxxxxxxx
- User-agent: Thunderbird 184.108.40.206 (Macintosh/20090605)
Niels Elgaard Larsen wrote:
> Scott Bennett wrote:
>> On systems that distinguish clearly among userids (ahem) and
>> ones where different userids have different security privileges, tor
>> changes its userid to something specific to tor during initialization,
>> usually as soon as any privileged operations have completed and before
>> ordinary tor operations have begun. An attempt to set the system time
>> date on a system that associates privileges with userids may fail if
>> it takes
>> place after tor has relinquished extra privileges.
> Yes, the timing could be tricky. A cron job that check the tor log file
> (if configuration logs it) for time offset and set the system time could
> work because TOR should work even if the clock is set some time after it
> starts. But it is not a very elegant solution.
>> An hypothetical
>> alternative method would involve tor keeping its own clock to use in the
>> form of an offset from the system clock, but such an approach may well be
> On the other hand it would work better for eg. TOR browser bundle.
It would enable an entry guard to give a different time to a client, and
so distinguish that client's connections to sites of interest via
protocols that use a timestamp sent in the clear.
Description: OpenPGP digital signature