[tor-bugs] #10196 [Flashproxy]: allow the client to pick a specific relay for its registration
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sun Dec 1 04:27:01 UTC 2013
#10196: allow the client to pick a specific relay for its registration
-----------------------------+-----------------
Reporter: infinity0 | Owner: dcf
Type: enhancement | Status: new
Priority: normal | Milestone:
Component: Flashproxy | Version:
Resolution: | Keywords:
Actual Points: | Parent ID:
Points: |
-----------------------------+-----------------
Comment (by dcf):
We need to think through the security implications of allowing the client
to control what endpoints proxies connect to. If would allow a
(potentially malicious) client to initiate a TCP connection to any IP
address--and exchange data with any WebSocket server that exists anywhere.
The client could cause the proxy to send and receive arbitrary plaintext,
plaintext that will be examined by your company or university's firewall.
As it is now, a malicious client gets to control only one endpoint of the
communication, and cannot force the proxy to carry plaintext.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/10196#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list