#18157: Which hidden services am I running?
-------------------------+------------------------------
Reporter: cypherpunks | Owner:
Type: enhancement | Status: new
Priority: Medium | Milestone: Tor: 0.2.???
Component: Tor | Version:
Severity: Normal | Resolution:
Keywords: tor-hs | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor: SponsorR
-------------------------+------------------------------
Comment (by yawning):
Replying to [comment:5 cypherpunks]:
> >The rational being because, most apps have no business in knowing that
other apps are running HSes.
>
> I'm not against that, yes the other apps shouldn't know. I'm 100% for
that. But, the human being running the tor client should know what her tor
client is doing and if she is being exposed to the tor network unbeknownst
to her, or if the "apps" are overreaching and running a backdoor into her
server.
Can't limit control port commands on a per-consumer basis at the moment.
Patches accepted. Till then, it's probably a good idea to assume that
anything that has access to the control port can de-anonymize you
(Technically speaking you could proxy the control port with a third party
codebase like what Tails/Whonix/Myself do, but since that use case is
rather non-standard, I'm still against changing what information is
exposed for eph. Onion Services till something like ACLs exist).
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18157#comment:6>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs