[tor-bugs] #18156 [Tor]: Add a torrc flag to disable ADD_ONION creation.
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Mar 23 18:58:56 UTC 2016
#18156: Add a torrc flag to disable ADD_ONION creation.
-----------------------------+------------------------------
Reporter: cypherpunks | Owner:
Type: defect | Status: new
Priority: Medium | Milestone: Tor: 0.2.???
Component: Tor | Version:
Severity: Normal | Resolution:
Keywords: tor-hs, control | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor: SponsorR-can
-----------------------------+------------------------------
Changes (by dgoulet):
* keywords: => tor-hs, control
* sponsor: => SponsorR-can
Comment:
This is indeed a worrying issue imo. There are multiple options here I
see:
1. Add a torrc option to disable ADD_ONION for only client
2. atagar's suggestion is to have a read-only option for control port.
3. Add a torrc option which tells tor that it's a client-only so no HS
would be possible. Actually, any "opening listening socket" apart from
SocksPort would be denied.
More on that. I actually think that a default tor client (only acting as a
client that is no ORPort) should never allow `ADD_ONION` unless explicitly
requested in the torrc. It sounds like a lot to ask to users to _close_
down the command instead of opening it if needed (most of the time used by
specific apps).
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18156#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list