On 28 Jan 2016, at 03:07, Damian Johnson atagar@torproject.org wrote:
Hi Pierre. Nope, no need to change your torrc - the control port is only available on localhost by default (not sure why Josef said that).
Some FreeBSD jail and OpenVZ configs assign 127.0.0.1 to a non-loopback interface. We're working on detecting that in Trac ticket #17901, until then, it's more reliably secure to use a ControlSocket on these systems.
Alternately, you can confirm that: * The first IP address assigned to the FreeBSD jail is not a public address (FreeBSD redirects jail connections to 127.0.0.1 to the first jail IP address), or * OpenVZ has not assigned 127.0.0.1 to a non-loopback interface, you want it on lo* rather than venet* (you can use ifconfig or similar to check this)
https://trac.torproject.org/projects/tor/ticket/17901
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com PGP 968F094B
teor at blah dot im OTR CAD08081 9755866D 89E2A06F E3558B7F B5A9D14F