[tor-bugs] #15458 [Tor]: Provide StrongSocksIsolation torrc option
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Mar 25 03:41:19 UTC 2015
#15458: Provide StrongSocksIsolation torrc option
-----------------------------------+---------------------
Reporter: mikeperry | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone:
Component: Tor | Version:
Keywords: tbb-wants, tor-client | Actual Points:
Parent ID: | Points:
-----------------------------------+---------------------
For tor browser security and usability, it would be nice to have an option
that instructs Tor to try harder with SocksIsolation. In particular, if
this is set, Tor should not retry any stream requests on new circuits once
a circuit is successfully used. This will prevent guard discovery attacks
from working against the browser (see #13669 and
https://trac.torproject.org/projects/tor/ticket/7870#comment:18).
Additionally, if this value is set, TrackHostExits should also follow the
socks username and password isolation. In other words, Tor should track
the exits used by hostnames independently for each socks
username+password. This would allow us to re-implement #13766 and #9442
using TrackhostExits instead of MaxCircuitDirtiness (which will mean less
idle circuits staying open on relays, taking up memory).
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/15458>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list