Lock Control Port
robert at roberthogan.net
Sun Nov 18 09:11:51 UTC 2007
On Sunday 14 October 2007 01:27:58 you wrote:
> On Saturday 13 October 2007 21:27:01 Roger Dingledine wrote:
> > On Sat, Oct 13, 2007 at 10:50:16AM +0100, Robert Hogan wrote:
> > > While we're all still 'getting there', controllers could have the
> > > option of locking the control port if no auth mechanism is enabled, and
> > > even when it is. Given that users tend not to share installations and
> > > most run their controller concurrently with tor at all times this would
> > > be a useful fallback measure.
> > Why not have your controller enable authentication when it connects and
> > doesn't like what it finds? If you want, you can then disable it when
> > you disconnect.
> > This approach would seem to have all the same properties of your
> > lock/unlock without any new commands or code.
> Duh. Don't know where I was going with that one.
On second thoughts, it might be a useful default behaviour to lock the
control port automatically whenever an unauthenticated connection is made.
The active controller could then choose to unlock the port once connected.
I can't think of a use-case for more than one simultaneous connection to the
control port, so even if implicit locking is a bit extreme it might be a good
idea to notify current control port users when someone else creates a new
control session, regardless of authentication. It would also be useful to
learn of any other active control sessions when you first connect.
The problem with using a random password to 'lock' the control port is that
the genuine user is locked out if their control session disconnects
unexpectedly. Of course this shouldn't happen but ...
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: This is a digitally signed message part.
More information about the tor-dev