Opened 6 years ago

Closed 6 years ago

Last modified 6 years ago

#12157 closed defect (not a bug)

Adding port 9040 to forbidden ports

Reported by: cypherpunks Owned by: mikeperry
Priority: Medium Milestone:
Component: TorBrowserButton Version:
Severity: Keywords:
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

Please include port 9040 to the default list of forbidden ports in about:config.

extensions.torbutton.banned_ports: 9050,9051,9150,9151
network.security.ports.banned: 9050,9051,9150,9151

Child Tickets

Change History (3)

comment:1 Changed 6 years ago by mikeperry

Nothing about port 9040 is standard AFAICT. My first thought was "What about the DNSPort, too?", so I checked the Tor manual and noticed that it doesn't list default/suggested ports for either option. 9040 appears to be merely a common convention...

comment:2 Changed 6 years ago by mikeperry

Resolution: not a bug
Status: newclosed

Oh, and furthermore, because we removed localhost from the no_proxies_on setting for fingerprinting reasons (#10419), maintaining this list of banned ports should no longer matter for localhost transproxy users. I think this means this is NOTABUG.

comment:3 Changed 6 years ago by cypherpunks

removed localhost from the no_proxies_on setting for fingerprinting reasons (#10419)

Implemented security hole.

Note: See TracTickets for help on using tickets.