Feature #10058: Filter TorMonitor access to tor control socket

Feature #10058

Filter TorMonitor access to tor control socket

Added by alant 2015-08-17 17:27:18 . Updated 2016-02-20 12:15:08 .

Status:

Duplicate

Priority:

Normal

Assignee:

Category:

Target version:

Start date:

2015-08-17

Due date:

% Done:

Feature Branch:

Type of work:

Code

Blueprint:

Starter:

Affected tool:

Tor Monitor

Deliverable for:

Description

In Tails, TorMonitor should only have access to a safe subset of Tor control protocol.

To get the conversation between TorMonitor and the Tor daemon: sudo socat -v UNIX-LISTEN:/tmp/tor-control-copy UNIX-CONNECT:/var/run/tor/control.

Currently TorMonitor uses:

- PROTOCOLINFO

- AUTHCHALLENGE SAFECOOKIE

- AUTHENTICATE

- SETEVENTS

- GETCONF __owningcontrollerprocess

- GETINFO version

- SETEVENTS SIGNAL

- SETEVENTS CONF_CHANGED SIGNAL STREAM CIRC

- GETINFO circuit-status

- GETINFO stream-status

- GETCONF usemicrodescriptors

- GETINFO ip-to-country/*
- GETINFO ns/id/*

Subtasks

Related issues

Is duplicate of Tails - ~~Feature #9001~~: Onion Circuits should connect via the Tor control port filter

Resolved

2015-03-03

History

#1 Updated by alant 2015-08-17 17:28:43

Parent task set to ~~Feature #6842~~

#2 Updated by BitingBird 2015-08-18 04:47:43

Affected tool set to Tor Monitor

#3 Updated by intrigeri 2015-08-18 04:50:56

Status changed from New to Confirmed

#4 Updated by alant 2015-09-14 14:59:54

is duplicate of ~~Feature #9001~~: Onion Circuits should connect via the Tor control port filter added

#5 Updated by alant 2015-09-14 15:00:07

Status changed from Confirmed to Duplicate

#6 Updated by intrigeri 2016-02-20 12:15:08

Parent task deleted (~~~~Feature #6842~~~~)