[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #17949 [Tor]: Make loopback address search more efficient

Subject: Re: [tor-bugs] #17949 [Tor]: Make loopback address search more efficient
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Tue, 02 Feb 2016 00:47:21 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 01 Feb 2016 19:47:29 -0500
In-reply-to: <044.3ab7d717469e527fcb771c2507d1eb20@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <044.3ab7d717469e527fcb771c2507d1eb20@xxxxxxxxxxxxxx>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#17949: Make loopback address search more efficient
------------------------------------+------------------------------------
 Reporter:  teor                    |          Owner:  rl1987
     Type:  enhancement             |         Status:  accepted
 Priority:  Medium                  |      Milestone:  Tor: 0.2.8.x-final
Component:  Tor                     |        Version:
 Severity:  Normal                  |     Resolution:
 Keywords:  easy TorCoreTeam201602  |  Actual Points:
Parent ID:  #17991                  |         Points:
  Sponsor:                          |
------------------------------------+------------------------------------

Comment (by teor):

 Replying to [comment:6 bugzilla]:
 > In general, localhost is a TLD, and it must be resolved through DNS. In
 one of related tickets stated that 127.0.0.1 can be seamlessly redirected
 to public IP by the system. DNS can return "not found". So, there are
 enough reasons to stop rely on localhost as a security solution.
 > General practice is that services listen on 0 (0.0.0.0 and/or [::]).
 Address filtering is a task of firewall. To handle all tasks by tor
 instance is not a good practice.

 Tor aims to be secure by design and by default. Having secure defaults
 means that even if operators are unaware of or forget a particular
 security best practice, they will end up with an acceptably secure
 configuration.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17949#comment:7>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Prev by Author: Re: [tor-bugs] #7478 [Tor]: Allow routersets to include/exclude nodes by IPv6 address
Next by Author: Re: [tor-bugs] #18168 [Tor Browser]: Iframe based AJAX call blocked by popup-blocker or opening in new tab
Previous by thread: Re: [tor-bugs] #17949 [Tor]: Make loopback address search more efficient
Next by thread: Re: [tor-bugs] #17949 [Tor]: Make loopback address search more efficient
Index(es):
- Author
- Thread