[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #18214 [Tor]: exit policy wrongly displayed in globe, atlas etc.
#18214: exit policy wrongly displayed in globe, atlas etc.
------------------------------------------------+--------------------------
Reporter: toralf | Owner:
Type: defect | Status: new
Priority: Medium | Milestone: Tor:
Component: Tor | 0.2.8.x-final
Severity: Normal | Version: Tor:
Keywords: security 027-backport 026-backport | 0.2.7.6
Parent ID: | Resolution:
Sponsor: | Actual Points:
| Points:
------------------------------------------------+--------------------------
Comment (by nickm):
I agree we could simplify better. Our current simplification logic can
only remove a policy A when there is some other B that contains all of A.
(And when there is no intervening policy C that makes things more complex
-- see exit_policy_remove_redundancies for the full details.) We don't
currently combine or split policies even when their port or address ranges
would permit this.
But in the second case, I don't think it's a bug. We're leaving those
policies out of the descriptor because they are redundant. Consider
`reject *:20-21` in particular. There's nothing in the policy to say we
accept those ports, so `reject *:20-21` is completely contained within
`reject *:*` at the end of the policy.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18214#comment:6>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs