> On 30 Sep 2015, at 14:53, Jeff Burdges <burd...@gnunet.org> wrote:
> ...
> Filename: xxx-anycast-exit.txt
> Title: Anycast Exit
> Author: Jeffrey Burdges
> Created: 28 September 2015
> Status: ?
> Implemented-In: ?
> …
> Server Side
> 
>  We propose an AnycastExit Tor configuration option
> 
>    AnycastExit <protocol> <host>:<port>
> 
>  Here protocol must be a string consisting of letters, numbers, and
>  underscores.
> 
>  There are two changes Tor's behavior resulting from this option :
> 
>  First, Tor adds the line "ACE <protocol> <host>:<port>" to the node's
>  full descriptor.
> 
>  Second, Tor allows connections to ip:port as if the torrc contains :
>    ExitPolicy allow<host>:<port>
>  As ExitPolicyRejectPrivate defaults to 1, these policies should be
>  allowed even if the ip lies in a range usually restricted.
>  In particular localhost and 127.0.0.1 are potentially allowed.

Tor exit policies don’t contain hostnames like “localhost", did you mean 
127.0.0.0/8 and ::1?

I am concerned about the security considerations of opening up local addresses, 
as local processes often trust connections from the local machine. Perhaps we 
could clarify it to say that only the specific port on 127.0.0.0/8 and ::1 is 
allowed?

I also suggest that we specify the following rules based on the current 
(0.2.7.3) implementation of policies_parse_exit_policy_internal:
* Block all IPv6 if IPv6Exit is 0
* If AnycastExit is set, allow 127.0.0.0/8:port and, if IPv6Exit is 1, 
[::1]:port
* If ExitPolicyRejectPrivate is 1:
  * reject private addresses (0.0.0.0/8, 169.254.0.0/16, 127.0.0.0/8, 
192.168.0.0/16, 10.0.0.0/8, 172.16.0.0/12, [::]/8, [fc00::]/7, [fe80::]/10, 
[fec0::]/10, [ff00::]/8, [::]/127)
  * reject relay’s configured IPv4 and IPv6 address
  * reject relay’s interfaces’ IPv4 and IPv6 addresses
* Then add the default exit policy

Regards

Tim

Tim Wilson-Brown (teor)

teor2345 at gmail dot com
PGP 968F094B

teor at blah dot im
OTR CAD08081 9755866D 89E2A06F E3558B7F B5A9D14F

Attachment: signature.asc
Description: Message signed with OpenPGP using GPGMail

_______________________________________________
tor-dev mailing list
tor-dev@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

Reply via email to