Polipo and dnsUseGethostbyname - what is the best option and does it matter?

Roger Dingledine arma at mit.edu
Mon Apr 12 02:06:28 UTC 2010


On Sun, Apr 11, 2010 at 11:14:31PM +0100, Matthew wrote:
>> If you change the options, you should see polipo query your local dns
>> resolver either directly, or via gethostbyname.
>>
> But if you change it to "false" would that not be the safest option -  
> from what I can gather in this situation Polipo would never do its own 
> DNS.

As I understand it, the question is whether polipo should use the
system call named gethostbyname(), or if it should use its own internal
non-blocking dns resolve code. The question isn't "should polipo disable
dns resolves or not".

Back when I picked the "yes" answer, there were two reasons:

A) polipo's internal dns resolve code didn't look at /etc/hosts,
so when I set my proxy to localhost:9050, polipo would try to resolve
"localhost", and it ended up asking my ISP where "localhost" was. My ISP
helpfully answered 127.0.0.1, but what if my ISP had answered something
else? Really bad news.

B) There were some remote buffer overflows in polipo's internal dns
resolve code.

Given those, and since polipo shouldn't be doing any dns resolves anyway
when it's using a socks5 proxy, I figured I'd go for the choice that
exposed less surface area.

I'm not sure whether either of these bugs is fixed at present (ugh). So
I'd recommend sticking with yes (or true, I guess it's called now).

--Roger
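
An added example, not part of the original message and not polipo's or Tor's own code: a small Python check over a polipo config that flags the conditions discussed above (a SOCKS parent named by hostname, which the resolver then has to look up, and a `dnsUseGethostbyname` value other than yes/true). The sample configs are constructed, the finding names are hypothetical, and treating an unset `dnsUseGethostbyname` as a finding is an assumption.

```python
import ipaddress
import re

# Constructed sample configs (not taken from the thread).
RISKY = '''
# parent proxy named by hostname, internal resolver selected
socksParentProxy = "localhost:9050"
socksProxyType = socks5
dnsUseGethostbyname = false
'''
SAFER = '''
socksParentProxy = "127.0.0.1:9050"
socksProxyType = socks5
dnsUseGethostbyname = yes
'''

# name = value, value optionally double-quoted, optional trailing comment
LINE = re.compile(r'^\s*([A-Za-z0-9]+)\s*=\s*"?([^"#]*?)"?\s*(?:#.*)?$')


def parse(text):
    """Return the config's options as a dict; later lines override earlier."""
    opts = {}
    for raw in text.splitlines():
        m = LINE.match(raw)
        if m:
            opts[m.group(1)] = m.group(2).strip()
    return opts


def audit(text):
    """Return a list of hypothetical finding names for a polipo config."""
    opts = parse(text)
    findings = []
    parent = opts.get("socksParentProxy", "")
    if not parent:
        # No SOCKS parent: polipo resolves destination names itself.
        findings.append("no-socks-parent")
    else:
        host = parent.rsplit(":", 1)[0].strip("[]")
        try:
            ipaddress.ip_address(host)  # IP literal needs no lookup
        except ValueError:
            findings.append("parent-is-hostname")
    # Assumption: only yes/true is accepted; unset is flagged as well.
    if opts.get("dnsUseGethostbyname", "").lower() not in ("yes", "true"):
        findings.append("internal-resolver-possible")
    return findings
```
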
