Opened 4 years ago

Closed 4 years ago

#14210 closed enhancement (wontfix)

Enhance torsocks with ControlPort GETINFO communication skills and additional Socks* options

Reported by: anon Owned by: dgoulet
Priority: Medium Milestone:
Component: Core Tor/Torsocks Version:
Severity: Keywords:
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

Use ControlPort access in Torsocks to GETINFO and attempt preferred transports first. This includes the #12585 SocksSocket and #14209 SocksNamedPipe communication paths to Tor process.

Child Tickets

Change History (2)

comment:1 Changed 4 years ago by anon

Access to control port is contentious; per nickm: "I'm not sure exposing control-port stuff to torsocks is the right move. The control port exposes lots of functionality that torsocks shouldn't really touch, and requires authenticators of various sorts."

coderman: "exposing control port a good concern; someone has a GETINFO proxy just for this, odly enough"

no GETINFO unless added to torsocks for another reason? (said another way, don't add GETINFO for Socks discovery)

comment:2 Changed 4 years ago by dgoulet

Resolution: wontfix
Status: newclosed

Yeah giving access to control port to torsocks is a dangerous move. Since torsocks basically lives in an application, a single flaw could be very dangerous to tor since it could be accessed using torsocks.

I would much prefer Tor writing to a file it's SocksPort instead. Closing this one because for now I NACK it.

Note: See TracTickets for help on using tickets.