[tor-talk] Tor already running

Robert Ransom rransom.8774 at gmail.com
Fri Aug 24 23:00:26 UTC 2012


On 8/24/12, adrelanos <adrelanos at riseup.net> wrote:
> Robert Ransom:
>> On 8/24/12, Aaron Paden <aaronbpaden at gmail.com> wrote:

>>> So I'm not an expert in shell or anything. I know there are a lot of
>>> gotchas. It seems like it should be possible, though. Is there something
>>> wrong with using pgrep or something?
>>
>> Several things:
>>
>> * pgrep isn't POSIX, and it isn't in GNU coreutils (as of version
>> 8.13), so it probably won't exist on someone's Linux system.
>
> That's a really esoteric thing. Any half recent Linux system will have
> it installed?

POSIX is not esoteric.  But there is a pgrep in the ‘procps’ package,
which contains the POSIX-required ps command, and FreeBSD ships with a
pgrep, so pgrep should be available everywhere TBB for Linux can be
run anyway.

> If not, in long run there will (hopefully) be packages and TBB should
> depend on pgrep (if decided to use it).

No.  If the Tor Browser is packaged properly for a Linux distribution,
it will be configured to use a system-wide Tor instance, and it won't
use any of the startup crap that TBB includes.

> If Mike wants to fulfill the esoteric requirement to POSIX and coreutils
> pre 8.13 compatible, the script could test if pgrep exists and leave
> them with the current behavior.

I assumed that if pgrep were ubiquitous on Linux systems, it would be
in coreutils (bad assumption), so I looked there.  I only stated the
version of coreutils that I checked because I didn't want to go hunt
for the most recent version of coreutils.


>> * pgrep only indicates that there is some process named “tor” (or
>> “vidalia”) running, not that the specific Tor or Vidalia shipped in
>> TBB is running.
>
> I fail to see the problem? Please elaborate. Tor Browser should also be
> compatible with system wide installed Tor/Vidalia. (i.e. apt-get install
> tor vidalia)

No.  TBB is intended to not interact with a system-wide Tor instance in any way.


>> * There is currently no way for any program not started by TBB-Vidalia
>> to determine which ports TBB-Tor is listening on, and there is no way
>> for any such program to determine what control-port password Torbutton
>> will need in order to send TBB-Tor a ‘SIGNAL NEWNYM’ command (required
>> for the ‘New Identity’ command to work).  (See also
>> https://bugs.torproject.org/6609 .)
>
> What's the suggested solution here? Why not write those data into a file
> or environment variable?

TBB-Vidalia does write all of that information into environment
variables, which is why only programs which it starts have easy access
to it.  The control-port password will never be written to a file
because any attacker who can authenticate to a Tor instance's control
port can completely destroy its user's anonymity.


Robert Ransom


More information about the tor-talk mailing list