[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #22461 [Core Tor/Tor]: Tor emits inaccurate safesocks warning event whenever you visit a naked IP address
#22461: Tor emits inaccurate safesocks warning event whenever you visit a naked IP
address
--------------------------+---------------------
Reporter: arma | Owner:
Type: defect | Status: new
Priority: Medium | Milestone:
Component: Core Tor/Tor | Version:
Severity: Normal | Resolution:
Keywords: | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
--------------------------+---------------------
Comment (by arma):
To be clear, the problem to warn about is when an application is using a
fundamentally unsafe variant of socks -- e.g. socks4 rather than socks4a,
or socks5-with-ip-address rather than socks5-with-fqdn.
If the application is correctly using socks5-with-fqdn, yet the address
that gets asked for is a string that happens to be an ipv4 address, I
think everything is going according to plan.
(I acknowledge that there could be edge cases where the user has set up
some complex machinery to do resolves some other unsafe way, and then pass
them to an application that does the correct sort of variant of socks. But
I don't think it's our place for Tor to warn in that case.)
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/22461#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs