[tor-bugs] #7875 [Tor]: debian obfsproxies can't advertise ports under 1024

Tor Bug Tracker & Wiki blackhole at torproject.org
Thu Mar 12 05:05:53 UTC 2015


#7875: debian obfsproxies can't advertise ports under 1024
------------------------+------------------------------
     Reporter:  arma    |      Owner:  asn
         Type:  defect  |     Status:  needs_review
     Priority:  normal  |  Milestone:  Tor: unspecified
    Component:  Tor     |    Version:
   Resolution:          |   Keywords:  tor-bridge
Actual Points:          |  Parent ID:
       Points:          |
------------------------+------------------------------

Comment (by yawning):

 In the bright new obfs4proxy feature, `setcap`ing the obfs4proxy binary
 behaves as expected, so any/all of:

  * #8195 assuming tor starts with sufficiently elevated privileges.
  * The admin manually `setcap`ing the obfs4proxy binary.
  * The package automagically handling this somehow (don't ask me how).

 will solve this for obfs2/3/4.  FTE/ScrambleSuit still use the old python
 codebase so those require further investigation.  Personally, I don't view
 manually calling `setcap` on installation/update as a huge hassle, but
 then again my bridge deployment procedure consists of `scp`ing the binary
 over, and running a shell script, so I'm probably not the person to make
 decisions here.

 The fact that obfs4proxy works with `setcap` is also documented in the
 README.md file, so we're in a better situation than previously, and when
 we do our bridge deployment documentation revamp, we can also highlight
 this there.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/7875#comment:17>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list