Feature #10058

Filter TorMonitor access to tor control socket

Added by alant 2015-08-17 17:27:18 . Updated 2016-02-20 12:15:08 .

Status:
Duplicate
Priority:
Normal
Assignee:
Category:
Target version:
Start date:
2015-08-17
Due date:
% Done:

0%

Feature Branch:
Type of work:
Code
Blueprint:

Starter:
Affected tool:
Tor Monitor
Deliverable for:

Description

In Tails, TorMonitor should only have access to a safe subset of Tor control protocol.

To get the conversation between TorMonitor and the Tor daemon: sudo socat -v UNIX-LISTEN:/tmp/tor-control-copy UNIX-CONNECT:/var/run/tor/control.

Currently TorMonitor uses:

- PROTOCOLINFO

- AUTHCHALLENGE SAFECOOKIE

- AUTHENTICATE

- SETEVENTS

- GETCONF __owningcontrollerprocess

- GETINFO version

- SETEVENTS SIGNAL

- SETEVENTS CONF_CHANGED SIGNAL STREAM CIRC

- GETINFO circuit-status

- GETINFO stream-status

- GETCONF usemicrodescriptors

- GETINFO ip-to-country/*
- GETINFO ns/id/*


Subtasks


Related issues

Is duplicate of Tails - Feature #9001: Onion Circuits should connect via the Tor control port filter Resolved 2015-03-03

History

#1 Updated by alant 2015-08-17 17:28:43

#2 Updated by BitingBird 2015-08-18 04:47:43

  • Affected tool set to Tor Monitor

#3 Updated by intrigeri 2015-08-18 04:50:56

  • Status changed from New to Confirmed

#4 Updated by alant 2015-09-14 14:59:54

  • is duplicate of Feature #9001: Onion Circuits should connect via the Tor control port filter added

#5 Updated by alant 2015-09-14 15:00:07

  • Status changed from Confirmed to Duplicate

#6 Updated by intrigeri 2016-02-20 12:15:08