[tor-bugs] #17901 [Tor]: Tor would bind ControlPort to public ip address if it has no localhost interface

Tor Bug Tracker & Wiki blackhole at torproject.org
Sun Dec 20 12:24:24 UTC 2015


#17901: Tor would bind ControlPort to public ip address if it has no localhost
interface
--------------------+------------------------------
 Reporter:  s7r     |          Owner:
     Type:  defect  |         Status:  new
 Priority:  Medium  |      Milestone:  Tor: 0.2.???
Component:  Tor     |        Version:  Tor: 0.2.7.6
 Severity:  Normal  |     Resolution:
 Keywords:          |  Actual Points:
Parent ID:          |         Points:
  Sponsor:          |
--------------------+------------------------------

Comment (by yawning):

 Replying to [comment:1 teor]:
 > One way of resolving this issue is to check that we're actually binding
 > to 127.0.0.1 or ::1 for the (default/no IP address) ControlPort and
 > SOCKSPort, and complain loudly and fail to launch if we're not.

 I'm ok with this.  We already have code for enumerating interfaces, so we
 could warn earlier as well.

 > We can require the user to configure an explicit IP address (or access
 > rules? does the ControlPort have those?) to silence the warning and start
 > tor.

 There are flags for all the Ports, so adding another is easy-ish (to allow
 unsafe behavior).  Even if they explicitly configure something I'd vote
 that we warn anyway, because it's still a horrific idea, just actually
 start up instead of terminating on the warning.

 For future reference, if something that will never work correctly when
 jailed comes up in the future, there's a sysctl MIB
 (`security.jail.jailed` which will be set to `1`) that can be queried via
 `sysctl(3)`.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17901#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
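
An added example, not part of the ticket and not Tor's own code: one way to do the check proposed above is to ask the kernel with `getsockname(2)` which address a listener actually ended up on, and give the socket up unless that address is in 127.0.0.0/8 or is ::1. All function names are hypothetical, and the wrapper only covers the IPv4 default case.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* 1 if sa is in 127.0.0.0/8 or is ::1, otherwise 0. */
int sockaddr_is_loopback(const struct sockaddr *sa)
{
    if (sa->sa_family == AF_INET) {
        const struct sockaddr_in *in4 = (const struct sockaddr_in *)sa;
        return (ntohl(in4->sin_addr.s_addr) >> 24) == 127;
    }
    if (sa->sa_family == AF_INET6) {
        const struct sockaddr_in6 *in6 = (const struct sockaddr_in6 *)sa;
        return IN6_IS_ADDR_LOOPBACK(&in6->sin6_addr) ? 1 : 0;
    }
    return 0;
}

/* Ask the kernel where fd is really bound; the address passed to bind()
 * is only a request. Returns 1 loopback, 0 not, -1 if getsockname() fails. */
int bound_socket_is_loopback(int fd)
{
    struct sockaddr_storage ss;
    socklen_t len = sizeof(ss);
    if (getsockname(fd, (struct sockaddr *)&ss, &len) < 0)
        return -1;
    return sockaddr_is_loopback((const struct sockaddr *)&ss);
}

/* Bind a TCP listener to 127.0.0.1:port, and give it up if the kernel
 * put it anywhere else. Returns the fd, or -1 on any failure. */
int bind_loopback_or_fail(unsigned short port)
{
    struct sockaddr_in want;
    int fd = socket(AF_INET, SOCK_STREAM, 0);
    if (fd < 0)
        return -1;
    memset(&want, 0, sizeof(want));
    want.sin_family = AF_INET;
    want.sin_port = htons(port);
    want.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    if (bind(fd, (struct sockaddr *)&want, sizeof(want)) < 0 ||
        bound_socket_is_loopback(fd) != 1) {
        close(fd);
        return -1;
    }
    return fd;
}
```

A caller that gets -1 from `bind_loopback_or_fail()` would log the warning and refuse to start, unless the operator configured an explicit address.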

