[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #3396 [arm]: custom resolver

To: undisclosed-recipients:;
Subject: Re: [tor-bugs] #3396 [arm]: custom resolver
From: "Tor Bug Tracker & Wiki" <torproject-admin@xxxxxxxxxxxxxx>
Date: Mon, 13 Jun 2011 15:45:00 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 13 Jun 2011 11:45:11 -0400
In-reply-to: <049.69c2b0e1da3087b5ef5f220f5014c059@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: Tor bugs reporting list for trac <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <049.69c2b0e1da3087b5ef5f220f5014c059@xxxxxxxxxxxxxx>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx

#3396: custom resolver
----------------------------+-----------------------------------------------
    Reporter:  toruser32    |       Owner:  atagar
        Type:  enhancement  |      Status:  closed
    Priority:  normal       |   Milestone:        
   Component:  arm          |     Version:        
  Resolution:  wontfix      |    Keywords:        
      Parent:               |      Points:        
Actualpoints:               |  
----------------------------+-----------------------------------------------

Comment(by atagar):

 The cron-write-to-file idea strikes me as being usable since it means that
 you only need a simple netstat task running with elevated permissions
 rather than all of arm. However, I don't really like this solution
 since...
   - it's a huge hack
   - the cron task would outlive the arm process
   - I doubt many (any?) users would take advantage of this feature

 Here's the irc discussion just in case this gets reopened:
 08:11 < toruser32> atagar, is my clarification in ticket 3396 feasible?
 08:16 < atagar> toruser32: Arbitrary python execution? That sounds very
 dangerous to me.
 08:17 < toruser32> yeah, but its up to the user to actually specify that
 08:18 < toruser32> I'd rather consider this to be a user-specified add-on
 08:21 < toruser32> atagar: is there any other method to query the active
 connection with arm being execute with a non-root, non-tor user?
 08:21 < atagar> I don't think that this would be useful to anyone besides
 you and it spooks me (it means that if I can sneak evil code into your
 /tmp and somehow get you to run arm with a bad armrc very bad things
 happen). I agree that it's not a likely vector for problems, but makes my
 skin crawl.
 08:21 < atagar> the method I suggested (piping the output to a file that's
 read) strikes me as being much safer and easier for users
 08:23 < toruser32> well, thats yet another cron job. I don't like that :(
 08:23 < toruser32> Either way, thanks
 08:23 < toruser32> I will stick to running arm under the same user I use
 for tor
 08:23 < toruser32> this should settle the problem
 08:23 < toruser32> wontfix is fine for me
 08:23 < atagar> np, sorry I don't have a better answer :/

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/3396#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

References:
- [tor-bugs] #3396 [arm]: custom resolver
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #3396 [arm]: custom resolver
Next by Author: Re: [tor-bugs] #1329 [Torctl]: TorCtl Crashes with Invalid torrc
Previous by thread: Re: [tor-bugs] #3396 [arm]: custom resolver
Next by thread: [tor-bugs] #3397 [Metrics Website]: order more metrics data newest to oldest
Index(es):
- Author
- Thread