[tor-bugs] #10629 [Tor]: PT spec changes for better interoperability with other projects
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Jan 29 23:54:57 UTC 2014
#10629: PT spec changes for better interoperability with other projects
-----------------------------+-----------------------
Reporter: infinity0 | Owner: infinity0
Type: enhancement | Status: assigned
Priority: normal | Milestone:
Component: Tor | Version:
Resolution: | Keywords:
Actual Points: | Parent ID:
Points: |
-----------------------------+-----------------------
Comment (by yawning):
Replying to [comment:6 infinity0]:
> I clarified the SSL SOCKs connection with the i2p devs. The intention
isn't to use PT clients remotely, but rather to avoid giving access to
other non-privileged users on the localhost machine.
>
> So, for example, plaintext authentication to the PT client would work as
well, assuming that non-priv users can't sniff traffic on localhost
interfaces. (Not sure if this clashes with the current use of SOCKS auth
for other things though.)
That's the case for every common OS out there (If someone makes tcpdump
suid root, they get what they deserve), including Windows. I assume this
is more of a defense in depth thing, since the traffic they pass over a PT
should be encrypted anyway....
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/10629#comment:7>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list