[tbb-bugs] #19206 [Applications/Tor Browser]: SOCKS isolation should include a process identifier.
Tor Bug Tracker & Wiki
blackhole at torproject.org
Mon May 30 18:51:17 UTC 2016
#19206: SOCKS isolation should include a process identifier.
------------------------------------------+----------------------
Reporter: yawning | Owner: tbb-team
Type: enhancement | Status: new
Priority: Medium | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Normal | Keywords:
Actual Points: | Parent ID:
Points: | Reviewer:
Sponsor: |
------------------------------------------+----------------------
This isn't an issue when using Tor Browser with "tor-launcher forks/execs
the tor process" model, but is relevant to all other use cases,
particularly with a system tor instance.
The SOCKS username/password isolation should include a instance identifier
such that each invocation of Tor Browser ends up using difference circuits
(Currently, the isolation tags will get reused).
The current format is `domain:counter`. The naive implementation of this
would be something like `domain:pid:counter`. `pid` could be expanded to
include process launch time information or similar to handle the PID reuse
case, but I'm not sure how likely that is (the entire PID space needs to
be consumed before PIDs are reused on Linux).
I filed #18125 a while ago with similar rationale in mind, but doing it
this way is better, so feel free to kill off the older ticket in favor of
this one.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/19206>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tbb-bugs
mailing list