[tor-bugs] #10067 [Tor]: Have `reject *` as the default exit policy
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Nov 5 16:56:28 UTC 2013
#10067: Have `reject *` as the default exit policy
-----------------------------+--------------------------------
Reporter: lunar | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone: Tor: 0.2.5.x-final
Component: Tor | Version:
Resolution: | Keywords: tor-relay
Actual Points: | Parent ID:
Points: |
-----------------------------+--------------------------------
Comment (by nickm):
Replying to [comment:5 nickm]:
> We could have a new "ExitNode" flag, defaulting to "auto", and say that:
> * if ExitNode is 1, you're an exit node.
> * If ExitNode is 0, you are definitely not.
> * If ExitNode is "auto" and you have a non-reject *:* exit policy set,
you are an exit node, and we issue a warning.
> * Finally, if ExitNode is "auto" and you have no exit policy set, you
are not an exit node.
>
> This last case is one I don't like, since it would break all exit nodes
using exactly the default exit policy. Are there very many such nodes?
From Damian's results, it appears that my design as written above would
break about 516 exits. That's too many.
We *could* go with a different result:
* if ExitNode is 'auto' and you are a relay and have no exit policy set,
then we behave as currently, but warn you that you are being an exit node,
and you should set ExitNode 1 or 0. In a later version, we make ExitNode
off by default.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/10067#comment:10>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list