[tor-bugs] #4581 [Tor]: Dir auths should defend themselves from too many begindir requests per address
Tor Bug Tracker & Wiki
blackhole at torproject.org
Mon Jun 1 16:07:29 UTC 2015
#4581: Dir auths should defend themselves from too many begindir requests per
address
-------------------------+-------------------------------------------------
Reporter: arma | Owner: andrea
Type: defect | Status: assigned
Priority: major | Milestone: Tor: 0.2.7.x-final
Component: Tor | Version: Tor: 0.2.7
Resolution: | Keywords: maybe-proposal, tor-auth,
Actual Points: | 027-triaged-1-in, SponsorU
Points: medium | Parent ID:
-------------------------+-------------------------------------------------
Comment (by andrea):
So, I think the right place to add this check is in
connection_exit_connect_dir() or immediately up its call chain. It's easy
enough to make this fail on the basis of some criterion, but I believe
it's possible for these to occur either from a single-hop circuit (we know
the client's real IP) or anonymized, in which case perhaps the criterion
should be begindirs from the same circuit rather than the same IP so the
would-be attacker at least must work. Thoughts on the right filter to
implement, anyone?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/4581#comment:14>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list