[tor-bugs] #22461 [Core Tor/Tor]: Tor emits inaccurate safesocks warning event whenever you visit a naked IP address

Tor Bug Tracker & Wiki blackhole at torproject.org
Fri Jun 2 16:06:28 UTC 2017


#22461: Tor emits inaccurate safesocks warning event whenever you visit a naked IP
address
--------------------------+----------------------------------
 Reporter:  arma          |          Owner:
     Type:  defect        |         Status:  new
 Priority:  Medium        |      Milestone:  Tor: unspecified
Component:  Core Tor/Tor  |        Version:
 Severity:  Normal        |     Resolution:
 Keywords:                |  Actual Points:
Parent ID:                |         Points:
 Reviewer:                |        Sponsor:
--------------------------+----------------------------------
Changes (by catalyst):

 * milestone:   => Tor: unspecified


Comment:

 #10165 is related.  So neither "localhost" nor 127.0.0.1 should work in
 Tor Browser because of possible leakage?  (Also in the comments to #10165
 that led to this ticket, why is an (alleged) online banking site trying to
 open those connections to 127.0.0.1?)

 Is the goal here that a user-provided numeric IP address won't generate
 warnings? (on the assumption the user knows what they're doing?)

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/22461#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list