[tor-bugs] #17070 [Tor]: ".local" is mDNS for the local network, but tor assumes localhost
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Sep 15 05:51:26 UTC 2015
#17070: ".local" is mDNS for the local network, but tor assumes localhost
----------------------+------------------------------------
 Reporter:  teor      |          Owner:
     Type:  defect    |         Status:  new
 Priority:  normal    |      Milestone:  Tor: 0.2.8.x-final
Component:  Tor       |        Version:
 Keywords:  security  |  Actual Points:
Parent ID:            |         Points:
----------------------+------------------------------------

`tor_addr_hostname_is_local` labels hostnames ending in ".local" as
resolving to the loopback address. But ".local" is used for multicast DNS,
so some names ending in ".local" may be on the local network(s), and not
on 127.0.0.1 or ::1 or the associated netblocks.

https://en.wikipedia.org/wiki/Multicast_DNS

However, the current implementation is probably doing the right thing
anyway, as allowing ".local" over SOCKS/Tor could open up access to
servers or devices on Exit relays' local networks, which has security
implications.

This may require a documentation change, or perhaps refactoring and review
of all uses of `tor_addr_hostname_is_local` to see if they want only
localhost, or local networks as well.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17070>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
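
The distinction the ticket draws, as an added example that is not part of the ticket and not Tor's code: a classifier that keeps loopback names and mDNS ".local" names apart, so each caller can choose whether it means "this machine" or "this network", while the SOCKS-facing check still refuses both. All type and function names are hypothetical, and treating "*.localhost" as loopback is an assumption of the example.

```c
#include <stddef.h>
#include <string.h>
#include <strings.h>

/* Hypothetical classification; these names are not from Tor's source. */
typedef enum {
  HOST_CLASS_OTHER = 0,   /* anything else: resolve normally */
  HOST_CLASS_LOOPBACK,    /* "localhost" or "*.localhost" (assumed): this machine */
  HOST_CLASS_MDNS_LOCAL   /* "local" or "*.local": multicast DNS, local network(s) */
} host_class_t;

/* Return 1 if the first len bytes of name are exactly `label`, or end in
 * ".label", compared case-insensitively. "notlocal" does not match "local". */
static int
has_final_label(const char *name, size_t len, const char *label)
{
  size_t llen = strlen(label);
  if (len < llen)
    return 0;
  if (strncasecmp(name + len - llen, label, llen) != 0)
    return 0;
  return len == llen || name[len - llen - 1] == '.';
}

host_class_t
classify_hostname(const char *name)
{
  size_t len;
  if (name == NULL)
    return HOST_CLASS_OTHER;
  len = strlen(name);
  /* Ignore one trailing dot of a fully qualified name ("printer.local."). */
  if (len > 0 && name[len - 1] == '.')
    len--;
  if (has_final_label(name, len, "localhost"))
    return HOST_CLASS_LOOPBACK;
  if (has_final_label(name, len, "local"))
    return HOST_CLASS_MDNS_LOCAL;
  return HOST_CLASS_OTHER;
}

/* Check for names arriving over SOCKS/Tor: refuse both classes, so a name on
 * an exit relay's own network is never resolved on behalf of a client. */
int
hostname_refused_over_socks(const char *name)
{
  return classify_hostname(name) != HOST_CLASS_OTHER;
}
```

A caller that needs loopback only would test for `HOST_CLASS_LOOPBACK` directly instead of using the combined check.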