On Tue, Jan 19, 2016 at 02:35:24PM +, Stuart Henderson wrote:
> They aren't being careful (see typo in connection_edge.c:1616).
> Given the hostile environment this code is run in, do you really
> want it having the ability to modify pf rules if attacked?
Reported, see
The compat.c patch is by tb@ and stops tor from calling sysctl() to get
the total memory every time it receives sighup, so we don't need `ps'
after tor_init().
I originally thought tor repeatedly called setgroups() but it does avoid
this so we don't need `id' after tor_init() either.
What's
On Tue, 19 Jan 2016 14:35:24 +, Stuart Henderson wrote:
> On 2016/01/20 02:04, Carlin Bingham wrote:
> > pf - tor supports transparent proxying to pf
>
> I think it would be reasonable to kill support for the DIOCNATLOOK
> method for rdr-to, and only allow the pf-divert ("divert-to") method
>
On 2016/01/20 02:04, Carlin Bingham wrote:
> pf - tor supports transparent proxying to pf
I think it would be reasonable to kill support for the DIOCNATLOOK
method for rdr-to, and only allow the pf-divert ("divert-to") method
that's used by spamd, ftp-proxy, squid, etc. It just uses getsockname()
> On Tue, 19 Jan 2016 14:35:24 +, Stuart Henderson wrote:
> > On 2016/01/20 02:04, Carlin Bingham wrote:
> > > pf - tor supports transparent proxying to pf
> >
> > I think it would be reasonable to kill support for the DIOCNATLOOK
> > method for rdr-to, and only allow the pf-divert