[tor-bugs] #10067 [Tor]: Have `reject *` as the default exit policy
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Nov 5 10:10:58 UTC 2013
#10067: Have `reject *` as the default exit policy
-----------------------------+--------------------------------
Reporter: lunar | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone: Tor: 0.2.5.x-final
Component: Tor | Version:
Resolution: | Keywords: tor-relay
Actual Points: | Parent ID:
Points: |
-----------------------------+--------------------------------
Comment (by arma):
If we want to get fancier, we should look at exit policies which inherit
the default exit policy, not just ones that match it exactly. For example,
somebody whose current exit policy is "reject *:80" will still be
influenced by this change.
I also think we'll want a log_notice for people who don't specify any exit
policy lines. I haven't figured out exactly how we should do it though.
For example, that approach would preclude putting an explicit "reject *.*"
line in the sample torrc file (which would help people understand what the
default is), since then we wouldn't be able to tell whether the user had
written her own exit policy or what. Maybe we want a log_notice in any
case if the state file was written by 0.2.4.x or earlier, to let the
operator know if she happens to be looking at the logs for the one time
that they upgrade happened. Hm.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/10067#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list