[tor-dev] RFC: Ephemeral Hidden Services via the Control Port

Fabio Pietrosanti (naif) - lists lists at infosecurity.ch
Sat Feb 14 08:45:08 UTC 2015


On 2/14/15 1:45 AM, Yawning Angel wrote:
> Hi,
>
> The Warning: DO NOT USE MY BRANCH YET, IT HAS HAD MINIMAL TESTING AND
>              REVIEW.  IT IS NOT DONE.  IT WILL BROADCAST YOUR SECRETS
>              TO THE NSA'S ORBITAL SPACE STATION.
>
> Trac Ticket: https://trac.torproject.org/projects/tor/ticket/6411
> Branch: https://github.com/Yawning/tor/compare/feature6411
I'm fine with the proposal.

That's an important part of a set of tickets designed to enable the use
of a Tor integration without ever touching the filesystem within
third-party applications and application controllers (such as
TxTorCon/ORbot).

This complements the already closed #13865
(https://trac.torproject.org/projects/tor/ticket/6411) and the
yet-to-be-discussed #14899 (Enable Tor to work without using filesystem
for cached files https://trac.torproject.org/projects/tor/ticket/14899).

When #6411 is integrated and #14899 is implemented:
- The Tor AppArmor profile can be improved by completely disabling
filesystem read/write (when integrated with a third-party app)
- A third-party app can fully use Tor by keeping all its configuration
directives, keys (for TorHS) and caches (for descriptors/consensus) in
the application database

Once all of that is possible, we'll be able to make a 100% clean
Tor integration into GlobaLeaks (that's undergoing an architecture
refactor to have a master/slave process).

-- 
Fabio Pietrosanti (naif)
HERMES - Center for Transparency and Digital Human Rights
http://logioshermes.org - https://globaleaks.org - https://tor2web.org - https://ahmia.fi



