[tor-bugs] #2667 [Tor Relay]: Exits should block reentry into the tor network
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Fri Dec 2 04:49:46 UTC 2011
#2667: Exits should block reentry into the tor network
-----------------------+----------------------------------------------------
Reporter: mikeperry | Owner:
Type: defect | Status: new
Priority: major | Milestone: Tor: 0.2.3.x-final
Component: Tor Relay | Version:
Keywords: | Parent: #2664
Points: | Actualpoints:
-----------------------+----------------------------------------------------
Comment(by arma):
I started out thinking that the "exits should block connections back into
the network" was a great idea, but the "bridges should refuse connections
from exits" was a poor idea since it prevents people sharing an IP address
with an exit relay from using bridges.
But on further thought, I think that's an acceptable tradeoff: if you're
the sort of place that needs a bridge, hopefully you're not the sort of
place that runs an exit.
This gets messier when we think about the concrete example of Syria
though. We have a lot of users in Syria, and some of them click 'share'
sometimes. We plan to make it easier to badexit those relays (#4207). But
bridges in this case should ignore the badexit flag when deciding whether
to hang up on a connection from an exit relay's IP address. So you can't
use a bridge if the guy sitting near you in the Internet cafe three hours
ago clicked 'share'? That's sad.
Also, I note that multihomed exits are another unhandled edge case here.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/2667#comment:8>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list