> Under the old method I required the user to set up the hidden/onion > service by adding a line to their torrc. That's not necessary if I used > ADD_ONION. In both methods I still need them to enable the control port right. it shouldn't be necessary at all to modify the torrc... for most features. > and an authentication, but it's just one less requirement using ADD_ONION. nah... you could use a unix domain socket instead of a TCP port and then just use filesystem permissions to limit access to the socket file. i much prefer this to authentication. > Data isolation is improved because it separates responsibility. In > Linux, the tor binary runs under a separate user and sets up permissions > to protect sensitive data. My OnioNS software can run as a separate user > as well. This way, data is isolated to its respective software and I'm > not mixing everything. hmm ok well keep in mind an unfiltered contorl port is rather powerful and in a sense brings your software into the same security domain as the tor process. access to the control port can cause tor to execute a specified binary as a pluggable transports.
Attachment:
signature.asc
Description: PGP signature
_______________________________________________ tor-dev mailing list tor-dev@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev