Opened 8 years ago

Closed 8 years ago

#2695 closed defect (fixed)

Private data leak in 0.2.2 debs

Reported by: arma Owned by: weasel
Priority: Medium Milestone:
Component: Applications/Tor bundles/installation Version:
Severity: Keywords:
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

In our Tor 0.2.2 debs, we enable cores by default:

#
# Comment this out if you do not want to get coredumps
#
ulimit -c unlimited

But most users don't know about this setting, so they accrue core files in their $datadir. These core files could include keys, relay cell payloads, buffer contents, etc.

We should turn this feature off by default.

Child Tickets

Change History (1)

comment:1 Changed 8 years ago by weasel

Resolution: fixed
Status: newclosed

Fixed in git.

Note: See TracTickets for help on using tickets.