[tbb-bugs] #25529 [Core Tor/Tor]: Tor not reading torrc-defaults when started from command line, while it reads it successfully when started from Tor Browser
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sun Mar 18 08:15:14 UTC 2018
#25529: Tor not reading torrc-defaults when started from command line, while it
reads it successfully when started from Tor Browser
-------------------------------------------------+-------------------------
Reporter: omareg94 | Owner: tbb-
| team
Type: defect | Status: new
Priority: Medium | Milestone:
Component: Core Tor/Tor | Version: Tor:
| 0.3.2.10
Severity: Normal | Resolution:
Keywords: torrc torrc-defaults defaults meek | Actual Points:
tor-browser-bundle configuration bridge |
pluggable-transports connection |
Parent ID: | Points:
Reviewer: | Sponsor:
-------------------------------------------------+-------------------------
Comment (by omareg94):
Replying to [comment:11 arma]:
> Correct, I think the mistake here is that the hand-crafted command line
didn't tell Tor to use that torrc-defaults file, so it doesn't use it.
Replying to [comment:9 cypherpunks]:
> {{{
> "C:\Tor Browser\Browser\TorBrowser\Tor\tor.exe" --defaults-torrc "C:\Tor
Browser\Browser\TorBrowser\Data\Tor\torrc-defaults" -f "C:\Tor
Browser\Browser\TorBrowser\Data\Tor\torrc" | more
> }}}
I thought Tor by default should have included the torrc-defaults without
the command line option. So I thought it was a bug not being included.
I think it's mentioned in the [https://www.torproject.org/docs/tor-
manual.html.en manual] that it loads by default (without adding the
--defaults-torrc option):
> --defaults-torrc FILE
> ... (Default: @CONFDIR@/torrc-defaults.)
Please correct me if I'm wrong because I'm not sure what "Default:
@CONFDIR@/torrc-defaults" here really means.
----
Replying to [comment:10 cypherpunks]:
> By the way as far as I know the `meek` that you're seeing there has
become more and more coupled to the Tor Browser, and for those who want to
use `meek` the way to go would be to use `meek_lite` ...
Yes the original meek used in my included log is exactly the same one (I
thought it was something not widely used so I manipulated it in the
included log to protect my privacy).
● I don't get this, why something widely used like this can't be blocked
by ISP?
● Also is it a security vulnerability to give many users the ''SAME
MEEK''?
● Also what's the difference between ''meek'' & ''meek_lite'' and why to
use it?
The only idea I have about meeks is that it's an
[https://www.bamsoftware.com/papers/fronting/meek-architecture.svg
implementation of Domain Fronting]. It will really help if you could
suggest something to read explaining this in order to figure out what's
really a meek and why to use meek_lite not meek.
> Note that it's a different implementation so the network fingerprint
will surely not match that of the standard `meek` if I'm not mistaken.
● Also, I don't understand the importance of this and what's the problem
of the standard `meek`.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/25529#comment:12>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tbb-bugs
mailing list