Opened 7 years ago

Closed 7 years ago

#7149 closed defect (fixed)

Don't serve or accept hidden service descs over non-tunneled connections

Reported by: nickm Owned by:
Priority: Medium Milestone: Tor: 0.2.3.x-final
Component: Core Tor/Tor Version:
Severity: Keywords: tor-hs
Cc: rransom Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

rransom suggests that we enforce a rule that hidden service material can only be served or published over a tunnelled connection. Though it isn't secret per se, it's always incorrect to receive it or send it unencrypted, and keeping it sent over Tor may reduce our attack surface slightly.

Seems worth merging.

Child Tickets

Change History (2)

comment:1 Changed 7 years ago by nickm

Status: newneeds_review

rransom's patch, with changes entry tweaked, is in my public repository as bug7149

comment:2 Changed 7 years ago by nickm

Resolution: fixed
Status: needs_reviewclosed

Arma likes it, and I haven't been able to make it break on a chutney network. merging.

Note: See TracTickets for help on using tickets.