On 30 Nov (14:22:19), Philipp Winter wrote:
On Fri, Nov 29, 2013 at 11:37:27AM -0500, David Goulet wrote:
On 29 Nov (15:07:41), Philipp Winter wrote:
I also have a minor feature request. It would be great if torsocks could display the source IP address and port of connections. I'm currently working on a Tor controller component where knowing the source port of a connection would be very useful to map streams to circuits. Here's a branch with a patch in it (which is untested on OS X and the BSDs): https://github.com/NullHypothesis/torsocks/tree/print_source
Tor has a "SafeLogging" configuration option that scrubs this kind of information from the logs and it's turned on by default. I'm wondering here what is the best approach. Looking for the torrc configuration file and checking if it's enabled or not, adding a configuration option *in* torsocks or enabling/disabling this info by default?
Any thoughts?
Hmm, I am not sure how much of a problem that actually is. It depends on torsocks' threat model, of course, but there's other potentially sensitive information aside from the debug log such as the user's shell history which would tell an attacker when the user executed which program using torsocks.
Having said that, as a user, I would probably prefer a dedicated torsocks option (which could be scrub-by-default) over torsocks trying to figure out Tor's config.
Yes that's my prefered option.
For now, adding your code which by default prints the information in debug mode and we'll see once the stable comes out if a SafeLogging option is useful/needed. Let's go incrementally instead of over thinking it right now and possibly do it wrong :).
I might change a couple of things in your patch in terms of code standard. Nothing major, I'll let you know when upstream.
Thanks! David
Another option would be to simply print a warning as the first message in debug mode mentioning that the log contains local IP addresses, ports etc.
Cheers, Philipp _______________________________________________ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev