Question About Security Threat from Tor

Michael cozzi at cozziconsulting.com
Sun Jun 28 18:30:16 UTC 2009


Jim McClanahan wrote:
> Hi,
>
> I have read on this mailing list several times about how some previous
> versions of Tor contain vulnerabilities that can threaten the host
> machine itself.  I am reminded of this again with Pei Hanru's excellent
> work tracking down the "tbreg mystery."  (I too say "thank you".)  While
> I understand that all software has bugs, some of which can be exploited
> for malicious purposes, I've long wondered how such vulnerabilities in
> Tor threaten the host itself if Tor is being run (as recommended) as an
> unprivileged user.
>
> Can somebody explain, or point me to an explanation?  Thanks.
>   

    Hi Jim,

    Not so much related to Tor itself, but more toward general security. 
If a standard user account were to be compromised, that's the first step 
in getting control of a machine. Even with Tor running as an 
unprivileged user, if a security problem were exploited, that could lead 
to unprivileged access to the machine- then the attacker just has to 
find a suitable way to crack the box through an exploit, polluted 
binaries, or even a scripted dictionary attack on the box from inside. 
But you run this same risk from any internet facing service.

    The best first defense is to make sure everything is patched (Along 
with the standard fire walling, log analysis, and general paranoia). 
 From a personal standpoint, I usually recommend so called "enterprise" 
distributions of Linux or BSD variants. They don't always have the 
latest wizbang features, but from a security standpoint they have been 
bashed about enough that they might be a little more hardened than others.

    This is of course from the standpoint of *nix.

    On a Windows XP or earlier setup, most user servers are running with 
administrative privileges. You can guess where that can end up. It's 
better (a bit) on server versions of Windows.

    I can't comment on anything related to OSX, the last version I ran 
was developer release one. But the principles are the same.

    Michael



More information about the tor-talk mailing list