Opened 5 years ago

Closed 5 years ago

#13880 closed defect (not a bug)

arm produces torrc with DisableDebuggerAttachment 0?

Reported by: teor Owned by: atagar
Priority: Medium Milestone:
Component: Core Tor/Nyx Version:
Severity: Keywords:
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

So, there is an unconfirmed report on #tor that arm produces torrc files with DisableDebuggerAttachment 0. If that is the case, and there's no reason for it, we should stop doing that.

<teor> tim_: also, why DisableDebuggerAttachment 0?
<tim_> teor, I have in my configs not sure where it came from. if it doesn't really do anything I can remove it
<teor> tim_: it reduces security by enabling debugger attachment to the tor process. This can be used by an adversary to extract keys.
<murb> tim_: do you use arm?
<tim_> murb: yes i use arm. i think that is where it came from
<teor> tim_: hmm, I'd consider that a bug in arm

Child Tickets

Change History (3)

comment:1 Changed 5 years ago by atagar

If that is the case, and there's no reason for it, we should stop doing that.

Hi teor. I probably opted for that because that feature breaks the connection panel. If you connect to a tor instance with 'DisableDebuggerAttachment 1' then arm disables connection resolution with the notice of...

Tor is preventing system utilities like netstat and lsof from working.
This means that arm can't provide you with connection information.
You can change this by adding 'DisableDebuggerAttachment 0' to your
torrc and restarting tor. For more information see...

https://trac.torproject.org/3313

Personally I think Tor's DisableDebuggerAttachment feature is buggy and should be fixed before incorporated, but that's an argument I lost four years ago. I'm removing the setup wizard in the next release so having arm default this way will be moot.

comment:2 Changed 5 years ago by teor

Ok, thanks for the heads' up.

Would you like to close this bug, or should I?

comment:3 Changed 5 years ago by atagar

Resolution: not a bug
Status: newclosed

Certainly, making it so.

Note: See TracTickets for help on using tickets.