[tor-relays] ExitPolicy reject *:* ships commented out?

[BarkerJr]

I would like to instead make Reject *:* the default if no ExitPolicy
is defined.  That way we can keep the line commented out and have a
safe default.

On Fri, Sep 6, 2013 at 8:47 PM, Thomas Hand <th6045 at gmail.com> wrote:
> There was a version of Tor released in the development repos that included
> Accept *.* in torrc. I remember seeing it but have no idea which version it
> was. I too think this is a mistake. If casual relay operators are being shut
> down due to a misconfigured torrc, Tor will suffer more bad press by media
> types who have no idea how Tor actually works. We want to encourage Tor
> relaying no!? The more relays, the better the service.
> I would also suggest to any devs reading this that some kind of pretty
> looking auto-config needs to run the user through the physical details of
> the connection and then configure the torrc appropriately. The average
> random who simply wants to donate bandwidth isnt going to run through the
> whole torrc and make sure everything is dandy before sticking the relay
> online.
> I can think of many competent, intelligent friends who would happily run a
> relay but they're probably not tech savvy enough to ge the torrc just so for
> their connections. 'Plug the wire into the grey box, internet happens'....
>
> On top of all this, if someone if wanting to run an Exit node, they will
> likely be the more tech savvy types. People who have a VPS etc. If that is
> the case then they will no doubt be able to configure Accept *.* in a text
> file.
>
> TL;DR version, devs please uncomment Reject *.* in the default torrc on all
> future releases on Tor. I really think this will cause serious headaches for
> well meaning volunteers.
>
> Tom
>
>
> On 31 August 2013 19:09, Gordon Morehouse <gordon at morehouse.me> wrote:
>>
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA512
>>
>> The friend was upgrading from Tor 0.2.3.x to Tor 0.2.4.16-rc.  I do
>> not know whether he used a tarball but I think it likely he used the
>> Tor 'experimental' repos as his VPS is Debian-family, and he said "I
>> couldn't keep the old config"; thus debconf likely presented him with
>> a choice, he accepted the new config, edited as far down as he needed
>> to turn relaying on, and that's it.
>>
>> Since the default exit policy is for a relay to be an exit (without,
>> even, the benefit of ReducedExitPolicy), his VPS was shut down in
>> about a day as he'd unknowingly turned himself into an exit node.
>>
>> Partial user error, and partial - as he would argue and so would I -
>> bad defaults.  This guy is a software engineer who had a derp moment.
>>  I wonder how many less tech-savvy users may make the same mistake and
>> then have a bad time and never relay again (or be subject to law
>> enforcement action, particularly in hostile countries).
>>
>> David Carlson:
>> > I am confused by this thread.  In fact, the specific downloaded
>> > file that the OP is referring to is not named, nor is it mentioned
>> > whether it was installed 'as-is' or with a modified configuration.
>> >  Then a follow-up message refers to TBB, which is not even a relay
>> > package. David C
>>
>> -----BEGIN PGP SIGNATURE-----
>>
>> iQEcBAEBCgAGBQJSIjFZAAoJED/jpRoe7/ujkPwIALCTA0q7/BAxn3E9cfQdjqpJ
>> SrHJGXMmIgQlmC98b1VfpoUmmsaz8dlhHfngl1CW230exhMIKLbkXOMAlzlgIowP
>> YfyMmdTkcx7fWg0jvFYUGMEbJP1k5thN+IYWJEQ1Myh67UTgL8gsclNmT4utH4bu
>> 96COXJLW8i20iegTmh8qMqEQD0au2bj0Y0iI/dNRqHEF2U/XOIal3yE7HDAUUWPL
>> VlmHWOrh6uuKKCp9/iOrmh0ZzVm1TQDQ2eYVdA2ciLHpecAXIIyRFRtXceZRm3Kh
>> 7HNqosenW+9ecszGkQc0XZerCVUI/bWAfv1EmrgYbz4PNjZlzCy/RNfc91EgiDU=
>> =IdH9
>> -----END PGP SIGNATURE-----
>> _______________________________________________
>> tor-relays mailing list
>> tor-relays at lists.torproject.org
>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>
>
>
> _______________________________________________
> tor-relays mailing list
> tor-relays at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>