[tbb-bugs] #19206 [Applications/Tor Browser]: SOCKS isolation should include a process identifier.

Tor Bug Tracker & Wiki blackhole at torproject.org
Mon May 30 18:51:17 UTC 2016


#19206: SOCKS isolation should include a process identifier.
------------------------------------------+----------------------
     Reporter:  yawning                   |      Owner:  tbb-team
         Type:  enhancement               |     Status:  new
     Priority:  Medium                    |  Milestone:
    Component:  Applications/Tor Browser  |    Version:
     Severity:  Normal                    |   Keywords:
Actual Points:                            |  Parent ID:
       Points:                            |   Reviewer:
      Sponsor:                            |
------------------------------------------+----------------------
 This isn't an issue when using Tor Browser with "tor-launcher forks/execs
 the tor process" model, but is relevant to all other use cases,
 particularly with a system tor instance.

 The SOCKS username/password isolation should include a instance identifier
 such that each invocation of Tor Browser ends up using difference circuits
 (Currently, the isolation tags will get reused).

 The current format is `domain:counter`.  The naive implementation of this
 would be something like `domain:pid:counter`.  `pid` could be expanded to
 include process launch time information or similar to handle the PID reuse
 case, but I'm not sure how likely that is (the entire PID space needs to
 be consumed before PIDs are reused on Linux).

 I filed #18125 a while ago with similar rationale in mind, but doing it
 this way is better, so feel free to kill off the older ticket in favor of
 this one.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/19206>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tbb-bugs mailing list