[tor-bugs] #11376 [Tor]: Provide Privileged and Unprivileged control ports
Tor Bug Tracker & Wiki
blackhole at torproject.org
Mon Mar 31 00:03:22 UTC 2014
#11376: Provide Privileged and Unprivileged control ports
-------------------------+------------------------------
Reporter: sysrqb | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone: Tor: 0.2.???
Component: Tor | Version:
Keywords: | Actual Points:
Parent ID: | Points:
-------------------------+------------------------------
(This may be a duplicateas I know this has been discussed before, but I
couldn't find the original if it exists)
The control port has the potential ability to pass sensitive information
(#3521, #5976, #1949). There may be situations where one controller only
needs the ability to query and receive a limited amount of information and
another controller handles the sensitive information. These two processes
should be able to connect/authenticate to different sockets and and thus
prevent the first process from receiving sensitive information.
Alternatively, this same isolation can be achieved using the chosen
authentication mechanism.
Whichever is better (or if both, or another, are chosen), the capabilities
of the connection should also be configurable via torrc and control port.
For example, whether a connection is allowed to SETCONF or only GETCONF
and SETEVENTS, etc. A high level of granularity would be ideal.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/11376>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list