[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #10196 [Flashproxy]: allow the client to pick a specific relay for its registration

Subject: Re: [tor-bugs] #10196 [Flashproxy]: allow the client to pick a specific relay for its registration
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Sun, 01 Dec 2013 04:27:01 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sat, 30 Nov 2013 23:27:00 -0500
In-reply-to: <049.ba9585629093e8329524733c6229b67f@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <049.ba9585629093e8329524733c6229b67f@xxxxxxxxxxxxxx>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#10196: allow the client to pick a specific relay for its registration
-----------------------------+-----------------
     Reporter:  infinity0    |      Owner:  dcf
         Type:  enhancement  |     Status:  new
     Priority:  normal       |  Milestone:
    Component:  Flashproxy   |    Version:
   Resolution:               |   Keywords:
Actual Points:               |  Parent ID:
       Points:               |
-----------------------------+-----------------

Comment (by dcf):

 We need to think through the security implications of allowing the client
 to control what endpoints proxies connect to. If would allow a
 (potentially malicious) client to initiate a TCP connection to any IP
 address--and exchange data with any WebSocket server that exists anywhere.
 The client could cause the proxy to send and receive arbitrary plaintext,
 plaintext that will be examined by your company or university's firewall.

 As it is now, a malicious client gets to control only one endpoint of the
 communication, and cannot force the proxy to carry plaintext.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/10196#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

References:
- [tor-bugs] #10196 [Flashproxy]: allow the client to pick a specific relay for its registration
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #10213 [Tor bundles/installation]: Tor Browser 3.0 rc1 start-tor-browser.sh broken on Fedora 19 or Debian Squeeze
Next by Author: Re: [tor-bugs] #10259 [Tor]: gcc 4.8 with CFLAGS=-Os generates infinite loop in smartlist_ensure_capacity() (was: smartlist_ensure_capacity() issue with gcc 4.8)
Previous by thread: [tor-bugs] #10196 [Flashproxy]: allow the client to pick a specific relay for its registration
Next by thread: [tor-bugs] #10197 [Website]: Include minimal sane bandwidth requirements for running relay
Index(es):
- Author
- Thread