[tor-bugs] #17901 [Tor]: Tor would bind ControlPort to public ip address if it has no localhost interface

Tor Bug Tracker & Wiki blackhole at torproject.org
Sun Dec 20 12:30:27 UTC 2015


#17901: Tor would bind ControlPort to public ip address if it has no localhost
interface
--------------------+------------------------------
 Reporter:  s7r     |          Owner:
     Type:  defect  |         Status:  new
 Priority:  Medium  |      Milestone:  Tor: 0.2.???
Component:  Tor     |        Version:  Tor: 0.2.7.6
 Severity:  Normal  |     Resolution:
 Keywords:          |  Actual Points:
Parent ID:          |         Points:
  Sponsor:          |
--------------------+------------------------------

Comment (by yawning):

 Replying to [comment:3 s7r]:
 > While bind to whatever/default is good and wanted for DirPort and ORPort
 > it's very not wanted for SocksPort, ControlPort, ExtORPort and other ports
 > opened by Tor which are not meant to be open publicly.

 ExtOR being open to the world is... odd but won't be game breaking since
 it doesn't allow anything apart from serving as a sink for PT traffic (and
 it's authenticated similar to ControlPort with cookie auth).

 > teor I think if ControlPort <public IP>:<port> is manually and
 > explicitly set we should assume that the user knows what he is doing and
 > proceed, or be very protective and decide he'd rather not?

 The former, but warn loudly that it's a bad idea, probably?

 In an ideal world, we'd deprecate binding the ControlPort to non-AF_UNIX
 sockets where AF_UNIX is available (because it is that big of a foot + gun
 hazard), but I expect that to be a non-starter just for legacy reasons,
 unfortunately.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17901#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
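
An added example, not part of the original thread or of Tor's own code: a small torrc audit that flags SocksPort, ControlPort and ExtORPort lines which name a non-loopback address or name no address at all (the case this ticket reports), and accepts loopback and unix: listeners. The function names and the sample torrc are constructed for illustration.

```python
import ipaddress

# Listener options the thread says are not meant to be open publicly.
LOCAL_ONLY = {"socksport", "controlport", "extorport"}

def classify(value):
    """Classify the listener address in one torrc option value."""
    addr = value.split()[0]              # ignore any trailing flags
    if addr == "0":
        return "disabled"
    if addr.lower().startswith("unix:"):
        return "unix"                    # AF_UNIX socket, no network exposure
    if addr.lower() == "auto" or addr.isdigit():
        return "implicit"                # port only: bind address left to Tor
    host = addr.rsplit(":", 1)[0].strip("[]")
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        return "review"                  # hostname: cannot be judged offline
    return "loopback" if ip.is_loopback else "non-loopback"

def audit(torrc_text):
    """Return (line_no, option, value, kind) for listeners needing attention."""
    findings = []
    for n, raw in enumerate(torrc_text.splitlines(), 1):
        parts = raw.split("#", 1)[0].strip().split(None, 1)
        if len(parts) != 2 or parts[0].lower() not in LOCAL_ONLY:
            continue                     # ORPort/DirPort etc. are out of scope
        kind = classify(parts[1])
        if kind in ("implicit", "non-loopback", "review"):
            findings.append((n, parts[0], parts[1], kind))
    return findings

# Constructed sample configuration (addresses are documentation ranges).
SAMPLE = """\
# constructed sample torrc
ORPort 9001
SocksPort 127.0.0.1:9050
ControlPort 9051
ExtORPort 203.0.113.5:3334
ControlPort unix:/run/tor/control
SocksPort [::1]:9150
ControlPort 0.0.0.0:9052
"""

if __name__ == "__main__":
    for n, opt, val, kind in audit(SAMPLE):
        print(f"line {n}: {opt} {val} -> {kind}")
```

An "implicit" finding means the line relies on Tor's default bind address, so it is worth confirming on the host (for example with a listening-socket listing) that the port ended up on loopback.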