Opened 14 years ago

#197 closed defect (Not a bug)

Privoxy logging instructions incorrect: causes leaked info

Reported by: madphilosopher Owned by: phobos
Priority: High Milestone:
Component: Webpages/Website Version:
Severity: Keywords:
Cc: madphilosopher Actual Points:
Parent ID: Points:
Reviewer: Sponsor:


The installation instructions for Windows and for Linux/BSD/Unix tell the user to disable logging in Privoxy by commenting out:

logfile logfile
jarfile jarfile

in the Privoxy configuration. This is not enough, for then the logging of connections just moves to stderr (which might be sent to a file depending on the way privoxy is started---it is sent to /var/log/privoxy/errorfile in the debian package). To complete the disabling of logging, the user must also comment out:

debug 1 # show each GET/POST/CONNECT request

and probably:

debug 8192 # Errors - *we highly recommended enabling this*

The installation instructions for Mac OS X do not address this issue at all.

[Automatically added by flyspray2trac: Operating System: All]

Child Tickets

Change History (6)

comment:1 Changed 14 years ago by phobos

Which version? In CVS the debug 1 statement is commented out for osx.
Also, for osx, the privoxy.config is already edited for you.

comment:2 Changed 14 years ago by madphilosopher

In Ubuntu, I managed to install privoxy 3.0.3-3 using a debian package, but I can't find that version number from the Privoxy sourceforge download page: the various packages there only go up to 3.0.3-1. So it probably came from an ubuntu universe repository.

In any case, I browsed the CVS repository in sourceforge, and I couldn't find privoxy.config. The only config file I could find was /current/config, and this file contains these leaks:

logfile logfile
jarfile jarfile
debug 1 # show each GET/POST/CONNECT request
debug 4096 # Startup banner and warnings
debug 8192 # Errors - *we highly recommended enabling this*

I also grepped the entire contents of the /osxsetup/ directory and I couldn't find the word debug. So where should I be looking?

comment:3 Changed 14 years ago by phobos

Most likely, the config is in /etc/privoxy/config. Privoxy is loosely related to Tor, so we're not experts
in all things privoxy. As for OSX, the config is in /Library/Privoxy/config.

comment:4 Changed 14 years ago by madphilosopher

No, we were talking about CVS. I couldn't find an OS-X-specific config file in the Privoxy CVS tree.

But the point of all this is this: if you provide some information in the Tor/Privoxy installation instructions regarding the danger of leaking browsing information to log files, then the information should be correct and complete. If users follow the instructions as they currently stand, what they expect to happen (no logging of browsed URLs) does not actually happen (for some if not all platforms). This should be fixed by either (1) exploring all of the cases and finding out what the correct instructions should be, or (2) reducing the instructions to a warning only, letting the users decide to explore the behaviour of their Tor/Privoxy installation if they are sufficiently paranoid about this.

That's my assessment of the sitation, anyway.

comment:5 Changed 14 years ago by phobos

We don't maintain the Privoxy package, nor the CVS tree for it. Privoxy is a separate project from Tor entirely, wholly unrelated.
We merely bundle it with the OSX dmg for convenience. In Tor's CVS, and built packages, there is a pre-configured privoxy

config for OSX users inside /contrib/osx/ called privoxy.config. This configured config is what get installed in /Library/Privoxy/config.

As I said earlier, I've updated the privoxy.config to comment out debug 1, which logs all of the urls. debug 8192 is for error logging, not URL logging. Data is only sent to this debug level if an error occurs; which is infrequent at best.

comment:6 Changed 14 years ago by phobos

flyspray2trac: bug closed.

Note: See TracTickets for help on using tickets.