[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-bugs] #3540 [Tor Client]: Limit the number of non-open general circuits

To: undisclosed-recipients:;
Subject: [tor-bugs] #3540 [Tor Client]: Limit the number of non-open general circuits
From: "Tor Bug Tracker & Wiki" <torproject-admin@xxxxxxxxxxxxxx>
Date: Thu, 07 Jul 2011 15:41:55 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Thu, 07 Jul 2011 11:42:05 -0400
List-archive: <http://lists.torproject.org/pipermail/tor-bugs>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: Tor bugs reporting list for trac <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx

#3540: Limit the number of non-open general circuits
------------------------+---------------------------------------------------
 Reporter:  nickm       |          Owner:                    
     Type:  defect      |         Status:  new               
 Priority:  normal      |      Milestone:  Tor: 0.2.3.x-final
Component:  Tor Client  |        Version:                    
 Keywords:              |         Parent:  #1865             
   Points:              |   Actualpoints:                    
------------------------+---------------------------------------------------
 With some proposal 171 options, it's pretty easy for an ill-conceived
 configuration and a/or a hostile application/server combination to provoke
 a huge number of circuits.  For example, if the user foolishly chooses
 IsolateDestAddr or IsolateDestPort on a port that they then use for web
 browsing, a hostile webpage can trivially make Tor try connections to an
 arbitrarily large number of addresses, or to every possible port.

 We could say "Don't do that then", but there's always some genius who
 wants to ship a "sooper secure" bundle with all the options turned on.  So
 instead, let's have an option to limit the number of general circuits that
 can be in a "building" state at a time.

 This should have a reasonably safe default and a reasonably high maximum.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/3540>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Follow-Ups:
- Re: [tor-bugs] #3540 [Tor Client]: Limit the number of non-open general circuits
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #3540 [Tor Client]: Limit the number of non-open general circuits
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #3533 [EFF-HTTPS Everywhere]: HTTPS Everywhere doesn't rewrite URLs passed as command line arguments to Firefox
Next by Author: Re: [tor-bugs] #2797 [Tor Client]: Fix redundant checks around routerset_contains_XYZ()
Previous by thread: Re: [tor-bugs] #3539 [Tor Client]: Write manpage entries for Proposal171 FooPort syntax
Next by thread: Re: [tor-bugs] #3540 [Tor Client]: Limit the number of non-open general circuits
Index(es):
- Author
- Thread