Re: [tor-talk] SELinux issue with Tor?
On 8/14/16, Jeremy Randwrote: > my inquiry Insufficient info to resolve. > a link to information https://en.wikipedia.org/wiki/Security-Enhanced_Linux https://www.google.com/search?q=selinux+manual http://selinuxproject.org/page/Main_Page -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] SELinux issue with Tor?
grarpamp: > On 8/13/16, Jeremy Randwrote: >> #zeronet IRC >> I've obtained permission to post a partial chatlog. > > It's a public channel, on an insecure server, plugged into clearnet. > Do you have any idea how many users, publicly accessible archives, > corporate bots, and NSA drones, have and even publish a copy of IRC... lots. > Permission has no relavant context there. Users believing public IRC is > somehow transient, private, unrecorded, etc... that's downright foolish. > If you want secrecy / deniability, etc, try using or developing something > else, good luck, it's no easy task. Lots of things are trivially easy and extremely common, that I choose not to do out of politeness (not for security reasons). Posting chatlogs of other people is one of them. No implication of secrecy/deniability was intended. >> I'm curious if this is intended behavior by Tor. Chatlog below: >> ... >> According to SELinux tor wants to mount a filesystem on >> /var/lib/tor, what sounds weird > > Most GNU/Linux are hard to learn due to unnecessary abstraction layers, > thus time spent learning or gutting them first instead of learning unix. > Learn more unix and the answer to the behavior will become obvious. > The following links may be of help... > http://www.linuxfromscratch.org/ > http://www.freebsd.org/ > http://www.openbsd.org/ > https://www.google.com/?q=unix+introduction I had never heard of this "Google" thing; are you telling me that all the information of the world can be obtained by average me just by figuring out what incantation of search terms to type in? (Of course, perhaps a link to information that actually answers my inquiry without me needing to guess the incantation would be even more helpful.) >> fiction -- I'm already aware that Tor isn't backdoored by the Pentagon > > Abject backdooring is different from selective funding to areas > that are not a threat to the funder. It's been hashed to death... > in the public archives, no permission needed. Who said anything about selective funding? I simply was aware that there are a number of people who regularly accuse Tor of being backdoored, and I wanted to make certain that my joke wasn't miscontrued as one of those statements, since text-based communication is frequently miscontrued. As a developer who has decided not to pursue certain funding sources due to "selective funding" issues that I find ethically concerning, I am certainly well aware of those issues. Cheers, -Jeremy signature.asc Description: OpenPGP digital signature -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] SELinux issue with Tor?
On 8/13/16, Jeremy Randwrote: > #zeronet IRC > I've obtained permission to post a partial chatlog. It's a public channel, on an insecure server, plugged into clearnet. Do you have any idea how many users, publicly accessible archives, corporate bots, and NSA drones, have and even publish a copy of IRC... lots. Permission has no relavant context there. Users believing public IRC is somehow transient, private, unrecorded, etc... that's downright foolish. If you want secrecy / deniability, etc, try using or developing something else, good luck, it's no easy task. > I'm curious if this is intended behavior by Tor. Chatlog below: > ... > According to SELinux tor wants to mount a filesystem on > /var/lib/tor, what sounds weird Most GNU/Linux are hard to learn due to unnecessary abstraction layers, thus time spent learning or gutting them first instead of learning unix. Learn more unix and the answer to the behavior will become obvious. The following links may be of help... http://www.linuxfromscratch.org/ http://www.freebsd.org/ http://www.openbsd.org/ https://www.google.com/?q=unix+introduction > fiction -- I'm already aware that Tor isn't backdoored by the Pentagon Abject backdooring is different from selective funding to areas that are not a threat to the funder. It's been hashed to death... in the public archives, no permission needed. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
[tor-talk] SELinux issue with Tor?
Hey, Someone reported a weird SELinux issue with Tor on the #zeronet IRC earlier today. I've obtained permission to post a partial chatlog, as I'm curious if this is intended behavior by Tor. Chatlog below: Someone fucked up Tor in my distro and I can't use it now, ZeroNet still tries to use the fucked up Tor, so I can't do… anything nvm, there's zeronet.conf pskosinski, might I ask what distro has a broken Tor? * Jeremy_Rand_2 wants to make a mental note to avoid that distro like the plague Jeremy_Rand_2: Well, so far I had not much time to check if it's not reported yet or it's not my fault… Anyway, it seem to not work well in Fedora 24 after last update Anyway, it was working, I did not change anything, updated, doesn't work, SELinux throws alerts pskosinski, oh, that's unfortunate, I use Qubes-Fedora for some of my stuff. (although I use Fedora 23) pskosinski, although my Tor stuff is running in Whonix * Jeremy_Rand_2 tries to come up with a justification involving Fedora being advertised as bleeding-edge, but fails because Tor being bricked by SELinux should be really easy to notice in QA According to SELinux tor wants to mount a filesystem on /var/lib/tor, what sounds weird Do I have NSA-version of tor or what So seems good that SELinux is preventing that, the question why is tor trying to do that pskosinski, lemme get this, a security system created by NSA is stopping a suspected NSA-backdoored version of software created by the Pentagon from operating I love the world of infosec these days ;p It's better than fiction Sincere apologies if this behavior is documented somewhere already. (Also, my reference to onion routing being created by the Pentagon was purely commentary on how the field of infosec is more interesting than fiction -- I'm already aware that Tor isn't backdoored by the Pentagon, please don't think that I was implying that.) Anyway, if anyone might be able to comment on whether this is intended behavior, what the purpose is, and whether anyone else has encountered this issue in Fedora (or any other distros), that would be greatly appreciated. Cheers, -Jeremy Rand signature.asc Description: OpenPGP digital signature -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk