[tor-talk] DisableNetwork and ControlSocket

Stef Heibs steheibs at yandex.com
Wed Sep 14 01:15:18 UTC 2016


Dear tor-talkers,

I run tor on an x86_64 Linux. I start tor at system startup with a torrc,
nothing overly complicated; unusual is DisableNetwork 1. Tor states:
DisableNetwork is set. Tor will not make or accept non-control network
connections. Shutting down all existing connections.

torrc:
ClientOnly 1
DisableNetwork 1
User tor
DataDirectory /var/lib/tor/data
ControlSocket /var/lib/tor/control
CookieAuthentication 1
CookieAuthFile /var/lib/tor/cookie
CookieAuthFileGroupReadable 1

Filesystem:
/var/lib/tor 750 owned by tor:tor
/var/lib/tor/data 700 and owned by tor:tor

The general idea is to access /var/lib/tor/control,cookie
and employ socat as a very generic tor-controller from
wpa_cli -a to tell tor DisableNetwork 0 when wpa_supplicant
associates to a given network and vice versa.

Observation:
If tor starts with DisableNetwork 1 it creates no control
socket, which defeats the purpose of configuring it.
Switching to the default (DisableNetwork 0), the socket appears
when tor is started. I haven't looked at the source, or traced
any further. This seems like a logical flaw (if tor isn't connected
there is no need for a ControlSocket?) to me.

I am using 2.8.7. Am I missing something like a security
feature? I don't use a ControlPort in this setup and
prefer to use a very generic tor-controller using filesystem
security instead of the default ControlPort at 9051.

Can someone reproduce and maybe justify?

Thanks,
S.
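
The setup described in the post, sketched as a wpa_cli action script (an added example, not part of the original message and not code from the Tor project). It assumes socat is installed and that wpa_cli passes the interface name and the event (CONNECTED or DISCONNECTED) as the two arguments; the function names are hypothetical, and the paths are taken from the torrc in the post.

```shell
#!/bin/sh
# Added example: wpa_cli -a action script; wpa_cli calls it as: script IFNAME EVENT
# Paths are the ones from the torrc in the post; function names are hypothetical.
CONTROL_SOCKET=${CONTROL_SOCKET:-/var/lib/tor/control}
COOKIE_FILE=${COOKIE_FILE:-/var/lib/tor/cookie}

# Hex-encode the binary auth cookie, as AUTHENTICATE expects.
cookie_hex() { od -An -v -tx1 "$1" | tr -d ' \n'; }

# Map a wpa_cli event to the DisableNetwork value; other events are rejected.
event_to_value() {
    case "$1" in
        CONNECTED) echo 0 ;;
        DISCONNECTED) echo 1 ;;
        *) return 1 ;;
    esac
}

# Control-protocol lines for one session: $1 = cookie hex, $2 = 0 or 1.
control_commands() {
    printf 'AUTHENTICATE %s\r\nSETCONF DisableNetwork=%s\r\nQUIT\r\n' "$1" "$2"
}

# Succeed only if every reply line read from stdin has status 250 and at
# least two arrived (one for AUTHENTICATE, one for SETCONF).
replies_ok() {
    n=0
    while IFS= read -r line; do
        case "$line" in
            250*) n=$((n + 1)) ;;
            *) return 1 ;;
        esac
    done
    [ "$n" -ge 2 ]
}

tor_set_network() {
    value=$(event_to_value "$1") || return 0   # ignore unrelated events
    if [ ! -S "$CONTROL_SOCKET" ]; then
        # The case reported in the post: no socket, so nothing to talk to.
        echo "tor control socket $CONTROL_SOCKET not present" >&2
        return 1
    fi
    control_commands "$(cookie_hex "$COOKIE_FILE")" "$value" |
        socat - "UNIX-CONNECT:$CONTROL_SOCKET" | replies_ok
}

# Run only when invoked by wpa_cli with IFNAME and EVENT.
if [ "$#" -ge 2 ]; then tor_set_network "$2"; fi
```

The account running the script needs read access to the cookie file and the socket, which with the permissions in the post means root or membership in the tor group.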

