[tor-relays] FamilyGenerator: Tor MyFamily Generator

nusenu nusenu-lists at riseup.net
Sun Jul 22 09:11:00 UTC 2018

Dear operators,

please don't generate your torrc MyFamily configurations
based on untrusted input.

I think it is a *bad* idea to modify tor configurations
based on other people's descriptor data
*especially* if anyone is going to run this automatically.

Please use ground truth to generate MyFamily sets, otherwise
we can no longer even trust MyFamily sets.

That said, if you trust onionoo, you might be able to build onionoo
search queries that are NOT vulnerable to random people injecting
themselves in your MyFamily set.

- you run your own AS and all servers in that AS are under your control (parameter: as)
- all your relays are under your own DNS domain and only you can generate DNS A records for that domain
and [1] is implemented
(note: these onionoo fields appear currently somewhat broken)

Ideally the generator only allows safer parameters and rejects unsafe parameters like contact.

> Does this have a disadvantage? Well, yes. If someone creates a relay
> with the same pattern in ContactInfo and MyFamily as what you put
> into FamilyGenerator, their relay(s) may get picked up and put in
> your generated MyFamily line as well.

[1] https://trac.torproject.org/projects/tor/ticket/26898
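
Added example, not part of the original message and not FamilyGenerator's code: a sketch of building the MyFamily line from operator-held ground truth only, using a search result just to report relays that matched without being the operator's own. The sample fingerprints, contact string, AS numbers, result field names and the helper names `check_query`, `normalize` and `build_myfamily` are assumptions constructed for illustration.

```python
import re

FPR_RE = re.compile(r"[0-9A-F]{40}")

# Constructed ground truth: fingerprints the operator read from their own relays.
GROUND_TRUTH = ["$" + "A" * 40, "b" * 40]

# Constructed search result. Field names are assumptions modelled on a relay
# search response; the third relay merely copied the operator's contact string.
SEARCH_RESULT = [
    {"fingerprint": "A" * 40, "contact": "ops@example.org", "as": "AS64500"},
    {"fingerprint": "B" * 40, "contact": "ops@example.org", "as": "AS64500"},
    {"fingerprint": "C" * 40, "contact": "ops@example.org", "as": "AS64511"},
]

# "as" is safe only if every server in that AS is under the operator's control.
SAFE_PARAMS = {"as"}


def check_query(params):
    """Refuse search parameters that any relay operator can set for themselves."""
    unsafe = sorted(set(params) - SAFE_PARAMS)
    if unsafe:
        raise ValueError("unsafe search parameter(s): " + ", ".join(unsafe))
    return dict(params)


def normalize(fpr):
    """Return a fingerprint as 40 upper-case hex digits, or raise ValueError."""
    fpr = fpr.strip().lstrip("$").replace(" ", "").upper()
    if not FPR_RE.fullmatch(fpr):
        raise ValueError("not a relay fingerprint: %r" % fpr)
    return fpr


def build_myfamily(ground_truth, search_result):
    """Build MyFamily from ground truth only; report relays that are not ours."""
    own = sorted({normalize(f) for f in ground_truth})
    foreign = sorted({normalize(r["fingerprint"]) for r in search_result} - set(own))
    return "MyFamily " + ",".join("$" + f for f in own), foreign


if __name__ == "__main__":
    line, foreign = build_myfamily(GROUND_TRUTH, SEARCH_RESULT)
    print(line)
    for fpr in foreign:
        print("# not in ground truth, left out:", fpr)
```
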

