[tor-bugs] #5741 [Tor bundles/installation]: TBB proxy bypass: Some DNS requests not going through Tor
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Thu May 3 17:49:09 UTC 2012
#5741: TBB proxy bypass: Some DNS requests not going through Tor
-----------------------------------------+----------------------------------
Reporter: cypherpunks | Owner: erinn
Type: defect | Status: closed
Priority: blocker | Milestone:
Component: Tor bundles/installation | Version:
Resolution: fixed | Keywords: MikePerry201205
Parent: | Points: 3
Actualpoints: 3 |
-----------------------------------------+----------------------------------
Comment(by cypherpunks):
Replying to [comment:19 cypherpunks]:
> I tested and the TBB AppArmor profile also blocks this bug:
https://trac.torproject.org/projects/tor/wiki/doc/AppArmorForTBB
Correction: I forgot had removed the 'network dgram;' allow line from my
profile when I first read the tor-talk post. You obviously need to do that
for the profile to protect you from UDP leaks like DNS. Also note the tor-
talk post says the profile explicitly does *not* protect you from TCP
leaks due to AppArmor limitations, so perhaps firewall rules are still
needed for proper defense in depth.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/5741#comment:20>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list