[tor-bugs] #3396 [arm]: custom resolver

Tor Bug Tracker & Wiki torproject-admin at torproject.org
Mon Jun 13 15:45:00 UTC 2011 

#3396: custom resolver
----------------------------+-----------------------------------------------
    Reporter:  toruser32    |       Owner:  atagar
        Type:  enhancement  |      Status:  closed
    Priority:  normal       |   Milestone:        
   Component:  arm          |     Version:        
  Resolution:  wontfix      |    Keywords:        
      Parent:               |      Points:        
Actualpoints:               |  
----------------------------+-----------------------------------------------

Comment(by atagar):

 The cron-write-to-file idea strikes me as being usable since it means that
 you only need a simple netstat task running with elevated permissions
 rather than all of arm. However, I don't really like this solution
 since...
   - it's a huge hack
   - the cron task would outlive the arm process
   - I doubt many (any?) users would take advantage of this feature

 Here's the irc discussion just in case this gets reopened:
 08:11 < toruser32> atagar, is my clarification in ticket 3396 feasible?
 08:16 < atagar> toruser32: Arbitrary python execution? That sounds very
 dangerous to me.
 08:17 < toruser32> yeah, but its up to the user to actually specify that
 08:18 < toruser32> I'd rather consider this to be a user-specified add-on
 08:21 < toruser32> atagar: is there any other method to query the active
 connection with arm being execute with a non-root, non-tor user?
 08:21 < atagar> I don't think that this would be useful to anyone besides
 you and it spooks me (it means that if I can sneak evil code into your
 /tmp and somehow get you to run arm with a bad armrc very bad things
 happen). I agree that it's not a likely vector for problems, but makes my
 skin crawl.
 08:21 < atagar> the method I suggested (piping the output to a file that's
 read) strikes me as being much safer and easier for users
 08:23 < toruser32> well, thats yet another cron job. I don't like that :(
 08:23 < toruser32> Either way, thanks
 08:23 < toruser32> I will stick to running arm under the same user I use
 for tor
 08:23 < toruser32> this should settle the problem
 08:23 < toruser32> wontfix is fine for me
 08:23 < atagar> np, sorry I don't have a better answer :/

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/3396#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list