Question About Security Threat from Tor

Jim McClanahan jimmymac at
Sun Jun 28 13:30:18 UTC 2009


I have read on this mailing list several times about how some previous
versions of Tor contain vulnerabilities that can threaten the host
machine itself.  I am reminded of this again with Pei Hanru's excellent
work tracking down the "tbreg mystery."  (I too say "thank you".)  While
I understand that all software has bugs, some of which can be exploited
for malicious purposes, I've long wondered how such vulnerabilities in
Tor threaten the host itself if Tor is being run (as recommended) as an
unprivileged user.

Can somebody explain, or point me to an explanation?  Thanks.

More information about the tor-talk mailing list