[tor-bugs] #11624 [Tor]: Malicious relays may be able to be assigned Exit flag without exiting anywhere
Tor Bug Tracker & Wiki
blackhole at torproject.org
Thu Nov 13 14:28:31 UTC 2014
#11624: Malicious relays may be able to be assigned Exit flag without exiting
anywhere
------------------------+------------------------------------
Reporter: tom | Owner:
Type: defect | Status: new
Priority: minor | Milestone: Tor: 0.2.7.x-final
Component: Tor | Version: Tor: unspecified
Resolution: | Keywords: tor-auth 026-triaged-1
Actual Points: | Parent ID:
Points: |
------------------------+------------------------------------
Changes (by teor):

 * milestone: Tor: 0.2.6.x-final => Tor: 0.2.7.x-final

Comment:

 The core of this issue appears to be that the Exit flag code is optimistic
 (just needs a /8 and 2 ports), but the microdescriptor exit policy summary
 code is pessimistic (needs the entire internet).

 We need a proposal to fix the microdescriptor exit policy summary code
 (and a new consensus method), but the Exit flag could be fixed to be more
 pessimistic straight away, as it is assigned by authorities.

 Perhaps it is easiest to just make one depend on the other?
 (A quick fix would be to summarise the exit policy, then use that as input
 to the Exit flag determination. This would also require a documentation
 fix.)
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/11624#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
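
Added example (not part of the ticket and not Tor's code): a simplified Python model of the two checks as the comment describes them, plus the proposed quick fix of deriving the Exit flag from the summary. The function names, the port list 80/443/6667 and the sample policies are assumptions made for illustration; Tor's real policy code handles more cases.

```python
import ipaddress

# Assumption: ports the Exit flag rule inspects (the comment only says "2 ports").
FLAG_PORTS = (80, 443, 6667)

def parse(policy):
    """Parse lines such as 'accept 18.0.0.0/8:80' or 'reject *:*' into rule tuples."""
    rules = []
    for line in policy:
        action, target = line.split()
        addr, ports = target.rsplit(":", 1)
        net = ipaddress.ip_network("0.0.0.0/0" if addr == "*" else addr)
        lo, _, hi = ports.partition("-")
        lo, hi = (1, 65535) if ports == "*" else (int(lo), int(hi or lo))
        rules.append((action, net, lo, hi))
    return rules

def first_decision(rules, port, max_prefix):
    """First-match action for port, considering only rules at least as wide as /max_prefix."""
    for action, net, lo, hi in rules:
        if lo <= port <= hi and net.prefixlen <= max_prefix:
            return action
    return "reject"

def optimistic_exit_flag(rules):
    # Optimistic rule: accepting a single /8 on two of the ports is enough.
    return sum(first_decision(rules, p, 8) == "accept" for p in FLAG_PORTS) >= 2

def summary_ports(rules):
    # Pessimistic rule: a port is summarised as accepted only for a whole-internet accept.
    return [p for p in FLAG_PORTS if first_decision(rules, p, 0) == "accept"]

def exit_flag_from_summary(rules):
    # Quick fix from the comment: feed the summary into the Exit flag decision.
    return len(summary_ports(rules)) >= 2

def audit(policy):
    """Report both views of one policy so a mismatch is visible."""
    rules = parse(policy)
    return {"flag_optimistic": optimistic_exit_flag(rules),
            "summary_accepts": summary_ports(rules),
            "flag_from_summary": exit_flag_from_summary(rules)}

# Constructed sample policies (18.0.0.0/8 is an arbitrary illustrative network).
NARROW = ["accept 18.0.0.0/8:80", "accept 18.0.0.0/8:443", "reject *:*"]
GENERAL = ["reject *:25", "accept *:*"]

if __name__ == "__main__":
    for name, pol in (("narrow", NARROW), ("general", GENERAL)):
        print(name, audit(pol))
```

A policy where flag_optimistic is true but summary_accepts is empty is the mismatch this ticket is about; with the quick fix both decisions agree.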