On 28 Jan 2016, at 03:07, Damian Johnson <atagar@torproject.org> wrote:
Hi Pierre. Nope, no need to change your torrc - the control port is only available on localhost by default (not sure why Josef said that).
Some FreeBSD jail and OpenVZ configs assign 127.0.0.1 to a non-loopback interface. We're working on detecting that in Trac ticket #17901, until then, it's more reliably secure to use a ControlSocket on these systems. Alternately, you can confirm that: * The first IP address assigned to the FreeBSD jail is not a public address (FreeBSD redirects jail connections to 127.0.0.1 to the first jail IP address), or * OpenVZ has not assigned 127.0.0.1 to a non-loopback interface, you want it on lo* rather than venet* (you can use ifconfig or similar to check this) https://trac.torproject.org/projects/tor/ticket/17901 Tim Tim Wilson-Brown (teor) teor2345 at gmail dot com PGP 968F094B teor at blah dot im OTR CAD08081 9755866D 89E2A06F E3558B7F B5A9D14F