[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #1859 [Tor Client]: Using 'mytorexitnode.exit' request when mytorexitnode is both exit and client
#1859: Using 'mytorexitnode.exit' request when mytorexitnode is both exit and
client
------------------------+---------------------------------------------------
Reporter: mwenge | Owner:
Type: defect | Status: needs_review
Priority: normal | Milestone:
Component: Tor Client | Version: Tor: 0.2.2.12-alpha
Keywords: | Parent:
------------------------+---------------------------------------------------
Comment(by mwenge):
Replying to [comment:20 tractor]:
> Routerinfo_t returned by router_get_by_nickname() while it's not a part
of routerlist have been just a bug on the fact.
> For an attack will use the conditions under which this pseudo-element
list is returned
> at:
> {{{
> if (server_mode(get_options()) &&
> !strcasecmp(nickname, get_options()->Nickname))
> return router_get_my_routerinfo();
> }}}
> combining a role of client and an exit relay allows an attacker to
identify a relay that victim used as OP.
>
You're right, but the above is a separate bug I think. (And an extremely
good spot!) It will happen any time a someone running a default-configured
Vidalia exit and a client clicks or uses a link ending 'Unnamed.exit'.
They'll end up using their own exit as exit. Ouch.
If the solution to this bug doesn't fix it, it should be opened as a new
bug. It probably merits separate consideration.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/1859#comment:21>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs