Opened 12 years ago

Last modified 7 years ago

#363 closed enhancement (Fixed)

Refuse to start if /etc/resolv.conf cannot be read/parsed

Reported by: Orum
Owned by: nickm
Priority: Low
Milestone: 0.1.2.x-final
Component: Core Tor/Tor
Version: 0.1.1.25
Severity:
Keywords:
Cc: Orum
Actual Points:
Parent ID:
Points:
Reviewer:
Sponsor:

Description

Tor exit nodes currently assume a local nameserver listening on 127.0.0.1 if /etc/resolv.conf
cannot be found (or parsed, I would assume). However, in order to mitigate DNS issues with exit
nodes (i.e. those described in task #362), I think tor should refuse to start (or at least log a
warning/error to stderr) if this is the case. Of course, this does not solve all DNS issues, as
invalid DNS servers could still easily exist in /etc/resolv.conf, but it will at least act as a
basic "dummy proofing" for those chrooting/jailing their tor exit nodes.

[Automatically added by flyspray2trac: Operating System: All]
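
A pre-flight check in the spirit of this request, as an added example (it is not Tor's code and not the change made in r9157): it reports an unreadable resolv.conf, or one with no valid `nameserver` entry, as a fatal condition instead of falling back to 127.0.0.1. The function names `count_nameservers` and `check_resolv_conf` are hypothetical.

```c
#include <arpa/inet.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper: count "nameserver <addr>" lines in resolv.conf-style
 * text whose address is a valid IPv4 or IPv6 literal. */
int count_nameservers(const char *text) {
    int found = 0;
    while (*text) {
        char line[512], key[16], addr[256];
        unsigned char buf[sizeof(struct in6_addr)];
        size_t len = strcspn(text, "\n");
        size_t n = len < sizeof(line) - 1 ? len : sizeof(line) - 1;
        memcpy(line, text, n);
        line[n] = '\0';
        text += len + (text[len] == '\n');
        /* First token must be exactly "nameserver"; lines starting with
         * '#' or ';' yield a different first token and are skipped. */
        if (sscanf(line, " %15s %255s", key, addr) != 2) continue;
        if (strcmp(key, "nameserver") != 0) continue;
        addr[strcspn(addr, "%")] = '\0';   /* drop an IPv6 scope id */
        if (inet_pton(AF_INET, addr, buf) == 1 ||
            inet_pton(AF_INET6, addr, buf) == 1)
            found++;
    }
    return found;
}

/* Hypothetical helper: number of usable nameservers in the file at path,
 * or -1 if it cannot be opened (e.g. missing inside a chroot or jail). */
int check_resolv_conf(const char *path) {
    char text[8192];
    FILE *f = fopen(path, "r");
    if (!f) return -1;
    size_t n = fread(text, 1, sizeof(text) - 1, f);
    fclose(f);
    text[n] = '\0';
    return count_nameservers(text);
}

int main(int argc, char **argv) {
    const char *path = argc > 1 ? argv[1] : "/etc/resolv.conf";
    int n = check_resolv_conf(path);
    if (n > 0) return 0;
    /* Fail closed rather than assume a resolver on 127.0.0.1. */
    fprintf(stderr, "refusing to start: %s %s\n", path,
            n < 0 ? "cannot be read" : "lists no valid nameserver");
    return 1;
}
```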

Change History (2)

comment:1 Changed 12 years ago by nickm

flyspray2trac: bug closed.
Implemented in r9157; fix should appear in 0.1.2.5-alpha. Thanks!

comment:2 Changed 7 years ago by nickm

Component: Tor Relay → Tor