[tor-bugs] #18156 [Tor]: Add a torrc flag to disable ADD_ONION creation.
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Jan 27 00:39:37 UTC 2016
#18156: Add a torrc flag to disable ADD_ONION creation.
-------------------------+---------------------
Reporter: cypherpunks | Owner:
Type: defect | Status: new
Priority: Medium | Milestone:
Component: Tor | Version:
Severity: Normal | Resolution:
Keywords: | Actual Points:
Parent ID: | Points:
Sponsor: |
-------------------------+---------------------
Comment (by cypherpunks):
Hi atagar, I could be very much wrong about this, but I'm concerned about
ADD_ONION because with the help of legitimate but buggy third party
software, it can bypass my firwall rules and hook up to my ssh server, or
mail server or local network and potentially make me part of a bot net or
worse, instead of just hooking up to the buggy applications listening
port. And there isn't really an easy way of seeing it. #18157
I don't know if SETCONF or SETEVENTS can do that.
I'm all for the read-only control port. I hope it is considered.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18156#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list