[tor-bugs] #23249 [Applications/Tor Browser]: Tor Browser DNS security: hosts file bypassed when "Proxy DNS when using SOCKS v5" is enabled
Tor Bug Tracker & Wiki
blackhole at torproject.org
Fri Aug 18 14:27:49 UTC 2017
#23249: Tor Browser DNS security: hosts file bypassed when "Proxy DNS when using
SOCKS v5" is enabled
--------------------------------------+---------------------------
Reporter: lux+tor@… | Owner: tbb-team
Type: defect | Status: closed
Priority: Medium | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Major | Resolution: not a bug
Keywords: | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
--------------------------------------+---------------------------
Changes (by boklm):
* status: reopened => closed
* resolution: => not a bug
Comment:
The hosts file on a system can contain many entries, including some that
could cause Tor Browser to do unexpected things, or do not make any sense
in the context of using Tor Browser.
One of the main properties in the Tor Browser design is "State
Separation":
https://www.torproject.org/projects/torbrowser/design/#security
The browser MUST NOT provide the content window with any state from any
other browsers or any non-Tor browsing modes. This includes shared state
from independent plugins, and shared state from operating system
implementations of TLS and other support libraries.
Using the hosts files to resolve host names would be against that
property.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/23249#comment:6>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list