[tor-dev] Control-port filtering: can it have a reasonable threat model?
intrigeri
intrigeri at boum.org
Wed Apr 5 08:20:07 UTC 2017
Nick Mathewson:
[...]
> 5. tbb.json
> Allows "SETEVENTS STREAM" and "GETINFO circuit-status", for which see
> "onioncircuits" above.
> =====
> Filters from https://git-tails.immerda.ch/tails/tree/config/chroot_local-includes/etc/tor-controlport-filter.d
[...]
> 3. tor-browser.yml
> As "tbb.json" above.
FWIW, I think that Tails' control port filter exposes to Tor Browser
only the streams and circuits it has initiated itself. I'll let anonym
comment further on this.
Cheers,
--
intrigeri
More information about the tor-dev
mailing list