[tor-bugs] #17901 [Tor]: Tor would bind ControlPort to public ip address if it has no localhost interface

Tor Bug Tracker & Wiki blackhole at torproject.org
Tue Dec 29 04:31:59 UTC 2015


#17901: Tor would bind ControlPort to public ip address if it has no localhost
interface
---------------------------------------+-----------------------------------
 Reporter:  s7r                        |          Owner:  teor
     Type:  defect                     |         Status:  assigned
 Priority:  High                       |      Milestone:  Tor: 0.2.8.x-final
Component:  Tor                        |
 Severity:  Major                      |        Version:  Tor: 0.2.7.6
 Keywords:  027-backport 026-backport  |     Resolution:
Parent ID:                             |  Actual Points:
  Sponsor:                             |         Points:
---------------------------------------+-----------------------------------

Comment (by yawning):

 Replying to [comment:13 teor]:
 > To summarise, I think we need to implement the following changes:
 > * For every *Port that currently listens on 127.0.0.1 by default:
 >   * ControlPort TransPort/NATDPort DNSPort ExtORPort SocksPort
 > * If there is no 127.0.0.0/8 on the server, reject the *Port with a
 >   warning that tells the user to supply an explicit IP address if they
 >   really want their *Port listening on a non-local address.
 > * Bind all *Ports to:
 >   * The first IPv4 address that "localhost" resolves to, as long as it
 >     is in 127.0.0.0/8, or 127.0.0.1 by default
 >     * This ensures that configurations that have localhost on an
 >       alternate address in 127.0.0.0/8 continue to work (this is another
 >       common BSD jail config)
 >
 > This issue may also affect HiddenServicePort, which defaults to
 > connecting to 127.0.0.1. We should check that it fails if there is no
 > 127.0.0.1, and the warning is helpful, if so, the current behaviour is
 > fine.
 >
 > I can make these changes along with #11360.

 These seem ok.  I'd suggest allowing localhost to also be `[::1]` for the
 far future.  I'm vaguely inclined to also add an extra config option which
 needs to be enabled to allow non-localhost/`AF_UNIX` ControlPort, because
 it really is that bad of an idea, but that may be overly hand-holding.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17901#comment:14>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
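
The default-address selection summarised in the quoted text above, sketched in C as an added example; it is not part of the original message and not Tor's code. All function and variable names are hypothetical, and the sample addresses are constructed.

```c
#include <arpa/inet.h>
#include <stdio.h>
#include <string.h>
/* Added illustration, not Tor source code; every name here is hypothetical. */

/* Return 1 if s is an IPv4 literal inside 127.0.0.0/8, else 0. */
static int in_loopback_v4(const char *s)
{
    struct in_addr a;
    if (inet_pton(AF_INET, s, &a) != 1)
        return 0;                     /* IPv6 such as "::1", or malformed */
    return (ntohl(a.s_addr) >> 24) == 127;
}

/* Choose the bind address for a *Port given without an explicit IP.
 * resolved:   addresses "localhost" resolved to, in resolver order
 * host_addrs: addresses configured on this host's interfaces
 * Returns NULL when the host has nothing in 127.0.0.0/8; the caller then
 * rejects the port and asks the user for an explicit address. */
const char *default_listener_addr(const char *const *resolved, size_t n_res,
                                  const char *const *host_addrs, size_t n_host)
{
    size_t i;
    int have_loopback = 0;
    for (i = 0; i < n_host && !have_loopback; i++)
        have_loopback = in_loopback_v4(host_addrs[i]);
    if (!have_loopback)
        return NULL;                  /* never fall back to a public address */
    for (i = 0; i < n_res; i++)
        if (in_loopback_v4(resolved[i]))
            return resolved[i];       /* e.g. a jail whose localhost is 127.0.0.2 */
    return "127.0.0.1";
}

/* Constructed sample hosts (documentation-range addresses). */
static const char *const JAIL_NO_LO[]   = { "203.0.113.10" };
static const char *const JAIL_ALT_LO[]  = { "203.0.113.10", "127.0.0.2" };
static const char *const ALT_RESOLVED[] = { "::1", "127.0.0.2" };
static const char *const PLAIN_HOST[]   = { "127.0.0.1", "192.0.2.5" };
static const char *const BAD_RESOLVED[] = { "192.0.2.5" };

int main(void)
{
    const char *a = default_listener_addr(JAIL_NO_LO, 1, JAIL_NO_LO, 1);
    printf("jail without loopback: %s\n", a ? a : "reject, explicit address required");
    printf("jail with 127.0.0.2:   %s\n", default_listener_addr(ALT_RESOLVED, 2, JAIL_ALT_LO, 2));
    printf("localhost mis-resolved: %s\n", default_listener_addr(BAD_RESOLVED, 1, PLAIN_HOST, 2));
    return 0;
}
```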