[tor-bugs] #6937 [Tor Client]: SocksPipe or SocksSocket - an anonymous pipe to smoke network leakings bug out (of)
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Sun Sep 23 19:59:46 UTC 2012
#6937: SocksPipe or SocksSocket - an anonymous pipe to smoke network leakings bug
out (of)
-------------------------------------+--------------------------------------
Reporter: ioerror | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone: Tor: 0.2.4.x-final
Component: Tor Client | Version: Tor: unspecified
Keywords: security needs-proposal | Parent:
Points: | Actualpoints:
-------------------------------------+--------------------------------------
Comment(by ioerror):
Replying to [comment:18 rransom]:
> Replying to [comment:17 arma]:
> > I expect the portability side to be a big hassle. But if it's
straightforward to stop using sockets, I agree that it's a big win --
mainly because apparmor and friends are so crappy at handling network
permissions with any granularity.
>
> Every Unixoid GUI program needs to use AF_LOCAL sockets to connect to
the X server, so there's absolutely no way that hacking up Tor (and
everything that might want to talk to it) to use a crappy kludged-up
reimplementation of AF_LOCAL sockets using named pipes and userland
parsing/unparsing goo will provide a security benefit.
Which is why at the very least AF_LOCAL is a reasonable way to allow
programs to connect to Tor's SOCKS interface. However, AF_UNIX is not
available on Win32 and so we'll need to find another way to connect Tor
Browser to Tor's SOCKS port that is the equivalent of AF_UNIX.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/6937#comment:20>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list