[tor-dev] Control-port filtering: can it have a reasonable threat model?
intrigeri at boum.org
Wed Apr 5 08:20:07 UTC 2017
> 5. tbb.json
> Allows "SETEVENTS STREAM" and "GETINFO circuit-status", for which see
> "onioncircuits" above.
> Filters from https://git-tails.immerda.ch/tails/tree/config/chroot_local-includes/etc/tor-controlport-filter.d
> 3. tor-browser.yml
> As "tbb.json" above.
FWIW, I think that Tails' control port filter exposes to Tor Browser
only the streams and circuits it has initiated itself. I'll let anonym
comment further on this.
More information about the tor-dev