[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #6396 [Tor Bridge]: Reachability tests for obfuscated bridges
#6396: Reachability tests for obfuscated bridges
------------------------+---------------------------------------------------
Reporter: asn | Owner:
Type: task | Status: new
Priority: normal | Milestone: Tor: unspecified
Component: Tor Bridge | Version:
Keywords: pt | Parent:
Points: | Actualpoints:
------------------------+---------------------------------------------------
Comment(by isis):
Replying to [comment:4 rransom]:
> Does âOONIâ (I'm not sure what exactly that refers to) have a stated
policy specifying which inputs to ooniprobe.py are allowed to be attacker-
controlled, and which inputs must be received from a trusted source?
OONI refers to ooniprobe, and all the other included code. We do not yet
have such a policy, though we should. It is my understanding that
ooniprobe.py should be able to be run by an unprivileged user, and
including something which allows arbitrary code execution obviously allow
a separate local privilege escalation exploit to be run, and then you know
the rest.
I could do a check that the SHA1 of the PT binary file is correct for that
architecture, but that seems extremely bulky and kludgy, and it wouldn't
scale well as new PTs are developed. I'm leaning towards just commenting
the PT test option out, with an explanation, so that people who want to
use it can just go in and uncomment it.
Do you have any ideas or suggestions?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/6396#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs