[tor-bugs] #3313 [Tor Client]: Security enhancement against malware for Tor

Tor Bug Tracker & Wiki torproject-admin at torproject.org
Tue Dec 20 16:39:48 UTC 2011 

#3313: Security enhancement against malware for Tor
----------------------------+-----------------------------------------------
    Reporter:  ioerror      |       Owner:  ioerror         
        Type:  enhancement  |      Status:  reopened        
    Priority:  major        |   Milestone:  Tor: unspecified
   Component:  Tor Client   |     Version:                  
  Resolution:               |    Keywords:                  
      Parent:               |      Points:                  
Actualpoints:               |  
----------------------------+-----------------------------------------------

Comment(by atagar):

 > Why not exclude the data in that case?

 Certainly could. Couple options are to disable the connection panel or
 show the uid filtered results anyway, hoping that they just belong to tor.
 I should probably make the choice between those a config option.

 > I don't think that is a good idea. I do not believe there is a portable
 way to test for such a similar kernel feature across the platforms where
 we call ptrace.

 Pity. Cest la vie.

 > can you confirm that the _one_ thing you are now missing is the state of
 the connections as the system would see them?

 Almost. The most noticeable file descriptor use was the periodic snapshot
 of our current connections [1]. As we've discussed, at its core that's
 just a tuple of the form...
 [(local_ipAddr1, local_port1, foreign_ipAddr1, foreign_port1), ...]

 Another usage that comes to mind (and this isn't vital) is that I'm using
 the proc contents to determine the number of file descriptors tor is
 currently using [2]. This is so I can warn the user when they're reaching
 their limit and show the count (Roger one mentioned that he thought this
 was a neat feature). We planned to get this from the control socket in one
 of our proposals [3] but it wasn't implemented.

 > If we can export that from tor, would that improve your (arm
 development) life overall? :)

 Get connection information that matches system resolvers from tor? There
 is a Santa Clause! :P

 Cheers! -Damian

 [1]
 https://gitweb.torproject.org/arm.git/blob/HEAD:/src/util/connections.py#l212
 [2]
 https://gitweb.torproject.org/arm.git/blob/HEAD:/src/util/torTools.py#l1218
 [3] https://gitweb.torproject.org/torspec.git/blob/HEAD:/proposals/173
 -getinfo-option-expansion.txt#l68

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/3313#comment:23>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list