[tor-bugs] #6937 [Tor Client]: SocksPipe or SocksSocket - an anonymous pipe to smoke network leakings bug out (of)
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Sun Sep 23 00:26:21 UTC 2012
#6937: SocksPipe or SocksSocket - an anonymous pipe to smoke network leakings bug
out (of)
-------------------------------------+--------------------------------------
Reporter: ioerror | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone: Tor: 0.2.4.x-final
Component: Tor Client | Version: Tor: unspecified
Keywords: security needs-proposal | Parent:
Points: | Actualpoints:
-------------------------------------+--------------------------------------
Comment(by ioerror):
It also seems that we could use a Named Pipe on Linux as long as the
hypothetical ort shim ensures that the data is smaller than PIPE_BUF
bytes. Anything more and it will interleave client requests (!) to the
pipe.
I suggest that at first, we add a Unix Domain Socket simply to have a
basic full duplex thing that works, then a full duplex named pipe with
PIPE_BUF sized chunks on the client, and finally a full duplex named pipe
for win32. We might want to try something with anonymous pipes but I'm not
sure of the point - perhaps if we have developed the Tor Browser zygote
idea further we might want it in that specific case?
In theory, one of those should work and all of them add security context
information, each should bypass a local firewall and allow us to jail
applications more effectively.
Thoughts?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/6937#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list