Changes between Version 3 and Version 4 of doc/TorProcessShare

Timestamp: Mar 31, 2017, 11:55:46 AM
Author: adrelanos

UNFINISHED DRAFT!

= Current situation in Debian =

* If you install TorBirdy + Thunderbird you will use the system-wide tor.
* If you install torbrowser-launcher you will use TBB's bundled tor, not a system-wide instance even if one is available.
* If you install onionshare it depends on torbrowser-launcher and on TBB being running.

=> not very consistent: several tor configurations => confused users.

= Two solutions =

* One system-wide instance

* Spin up one instance per application

See trade-offs: https://trac.torproject.org/projects/tor/wiki/org/meetings/2015SummerDevMeeting/TorProcessShare

We are leaning towards "One system-wide instance" on Linux, possibly as a first step towards the "Spin up one instance per application" approach. So, from now on, "One system-wide instance" is the goal on Linux.

= Security =

We don't want each application to have full access to the system-wide tor's control port, so we need to use onion-grater and ship a profile for each application.

XXX: elaborate why full control port access for all applications is a terrible idea.

= Best practices =

== Linux ==

=== For packagers ===

* Patch or reconfigure the application to use the system-wide Tor.
* Depends: onion-grater
* Provide a profile for onion-grater and AppArmor

XXX: elaborate on these dependencies.

XXX: we don't have a solution for when AppArmor is not enabled.

=== For application developers ===

XXX: set a SOCKS user name for stream isolation (IsolateSOCKSAuth)

If your application is packaged in distros: include a system-wide (in /etc) configuration toggle for using a system-wide tor instance instead of a potentially bundled tor.

Otherwise: get it packaged in distros if realistic; otherwise fall back to the Windows/TBB approach => start your own tor process.

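How the two developer recommendations above fit together in an application, as an added example that is not part of this draft and not code from any of the projects it names: a system-wide config file decides between the system tor and a bundled one, and every SOCKS connection the application opens carries a fixed username/password pair so that tor's IsolateSOCKSAuth keeps its streams on circuits no other application shares. The config file name, its section and key names, the bundled-tor port 9150 and the sample credentials are this example's assumptions; the SOCKS5 message layout follows RFC 1928 and RFC 1929.

```python
import configparser
import socket
import struct

# Constructed system-wide config in the style of a file under /etc. Section and
# key names are assumptions made for this example, not a Tor or distro standard.
EXAMPLE_SYSTEM_CONFIG = """\
[tor]
use_system_tor = yes
socks_host = 127.0.0.1
socks_port = 9050
"""

BUNDLED_TOR_SOCKS = ("127.0.0.1", 9150)   # assumed SOCKS port of an app-bundled tor


def load_tor_settings(config_text, app_name, isolation_token):
    """Pick system-wide or bundled tor and fix this application's SOCKS credentials.

    Every stream this application opens reuses the same username/password, so
    IsolateSOCKSAuth keeps it off other applications' circuits while still
    letting the application itself reuse its own circuits.
    """
    cp = configparser.ConfigParser()
    cp.read_string(config_text)
    if cp.getboolean("tor", "use_system_tor", fallback=False):
        host = cp.get("tor", "socks_host", fallback="127.0.0.1")
        port = cp.getint("tor", "socks_port", fallback=9050)
        source = "system"
    else:
        host, port = BUNDLED_TOR_SOCKS
        source = "bundled"
    return {"source": source, "socks_host": host, "socks_port": port,
            "user": app_name, "password": isolation_token}


# --- SOCKS5 (RFC 1928) with username/password authentication (RFC 1929) ---

def build_greeting():
    # Offer only method 0x02 (username/password). Offering 0x00 (no auth) as
    # well would let the proxy pick it and silently lose the isolation credentials.
    return b"\x05\x01\x02"


def parse_method_reply(data):
    if len(data) != 2 or data[0] != 5:
        raise ValueError("malformed SOCKS5 method reply")
    if data[1] != 2:
        raise ValueError("proxy refused username/password auth (method %#x)" % data[1])
    return data[1]


def build_userpass_auth(user, password):
    u, p = user.encode(), password.encode()
    if not 0 < len(u) <= 255 or not 0 < len(p) <= 255:
        raise ValueError("SOCKS5 credentials must be 1..255 bytes each")
    return b"\x01" + bytes([len(u)]) + u + bytes([len(p)]) + p


def parse_auth_reply(data):
    if len(data) != 2 or data[0] != 1:
        raise ValueError("malformed SOCKS5 auth reply")
    return data[1] == 0          # 0x00 = success, anything else = failure


def build_connect_request(host, port):
    # ATYP 0x03 (domain name) hands the name to tor for resolution, so the
    # application never performs a local DNS lookup for it.
    h = host.encode("idna")
    if not 0 < len(h) <= 255:
        raise ValueError("hostname must be 1..255 bytes")
    return b"\x05\x01\x00\x03" + bytes([len(h)]) + h + struct.pack("!H", port)


def parse_connect_reply(data):
    if len(data) < 2 or data[0] != 5:
        raise ValueError("malformed SOCKS5 connect reply")
    return data[1]               # 0x00 = succeeded; other values are RFC 1928 failure codes


def open_isolated_stream(settings, host, port, timeout=30):
    """Open a TCP stream through tor using this application's isolation credentials."""
    s = socket.create_connection((settings["socks_host"], settings["socks_port"]), timeout)
    s.sendall(build_greeting())
    parse_method_reply(s.recv(2))
    s.sendall(build_userpass_auth(settings["user"], settings["password"]))
    if not parse_auth_reply(s.recv(2)):
        s.close()
        raise ConnectionError("SOCKS5 authentication rejected")
    s.sendall(build_connect_request(host, port))
    status = parse_connect_reply(s.recv(262))
    if status != 0:
        s.close()
        raise ConnectionError("SOCKS5 connect failed with status %#x" % status)
    return s
```

Usage: `settings = load_tor_settings(open("/etc/<app>/tor.conf").read(), "myapp", token)` followed by `open_isolated_stream(settings, "example.onion", 80)`; the path is a placeholder. The token should be generated once per process (for example from `secrets.token_hex`) so that a restart lands on fresh circuits, while all streams within one run share them.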
== Windows ==

Start your own tor process.

= What about configuration sharing? =

XXX: specify how this should work. Probably by writing the settings to some file that all applications look at first.

== Linux ==

When we allow two cases, i.e. system-wide tor and bundled tor, we need a way for all applications to still use the same tor configuration to connect to the Tor network (proxy, pluggable transport).

== Windows ==

All apps run their own tor but should share the tor configuration for connecting to the Tor network.