On 18. Juni 2014 at 16:26:38, Zack Weinberg (zackw@cmu.edu) wrote:
Best practice as I understand it is that you should have an exit notice on all exit relays. What I'm not sure of is whether "DirPort 80 + DirPortFrontPage" is the recommended way to accomplish that. The CMU Tor exit uses a separate lighttpd install, I think primarily because we didn't know about DirPortFrontPage when we set it up. I can make a case either way - less software = less attack surface; separate install = compartmentalization.
I understand the 'less software’ benefit; I’m currently reading https://en.wikipedia.org/wiki/Compartmentalization_(information_security) but still not sure if I understand correctly the reference to the ‘compartmentalization' in this case.
As long as we're talking about exits, a nice touch would be to include the reduced exit policy as an option ( https://trac.torproject.org/projects/tor/wiki/doc/ReducedExitPolicy ); the ideal would be a three-way choice of not an exit / wide-open exit / reduced exit (no email or BitTorrent) plus a place to add local exit rules.
Yes, makes sense, and should not be too complex to implement, I’ll try to add this and get back here for some review. Thanks for the feedback
-- Alexander Fortin http://about.me/alexanderfortin