[tor-dev] [RELEASE] Torsocks 2.1.0
anonym at riseup.net
Thu May 28 16:59:12 UTC 2015
On 05/28/2015 03:11 PM, Yawning Angel wrote:
> Ah, this is a matter of "the feature is explained in a simple manner in
> the abbreviated changelog".
> What the flag actually does is:
> * Username set to 'torsocks-' PID ':' unixTime
Thanks for the clarification! This indeed sounds a lot better.
> While not as great as 256 bit random numbers, PID reuse within the same
> second is rather unlikely, at least under Linux PIDs are only recycled
> when the pid wraps (/proc/sys/kernel/pid_max), I assume most other
> Unixes follow similar behavior.
Right. I wrote something about this originally, but ended up deleting it
for brevity. I think we would have to come up with some pretty
ridiculous scenarios for it to become a problem on Linux even without
the unix timestamp (only PIDs), e.g. massively parallel runs of torsocks
+ other processes cycling through PIDs rapidly + an increased
MaxCircuitDirtiness + lowered pid_mix, or some combination thereof.
But still, YMMV depending on your OS. :)
> The identifier was chosen such that it would be blatantly obvious in
> circuit listings as to which torsocks instance things belong to.
> There is space in the username field, so appending a hexdecimal large
> random number or something is certainly possible and quite trivial.
It would be a welcome improvement if you have the time. And if space is
an issue the unix time can of course be dropped.
More information about the tor-dev