I would like to instead make Reject *:* the default if no ExitPolicy is defined. That way we can keep the line commented out and have a safe default.
On Fri, Sep 6, 2013 at 8:47 PM, Thomas Hand <th6...@gmail.com> wrote: > There was a version of Tor released in the development repos that included > Accept *.* in torrc. I remember seeing it but have no idea which version it > was. I too think this is a mistake. If casual relay operators are being shut > down due to a misconfigured torrc, Tor will suffer more bad press by media > types who have no idea how Tor actually works. We want to encourage Tor > relaying no!? The more relays, the better the service. > I would also suggest to any devs reading this that some kind of pretty > looking auto-config needs to run the user through the physical details of > the connection and then configure the torrc appropriately. The average > random who simply wants to donate bandwidth isnt going to run through the > whole torrc and make sure everything is dandy before sticking the relay > online. > I can think of many competent, intelligent friends who would happily run a > relay but they're probably not tech savvy enough to ge the torrc just so for > their connections. 'Plug the wire into the grey box, internet happens'.... > > On top of all this, if someone if wanting to run an Exit node, they will > likely be the more tech savvy types. People who have a VPS etc. If that is > the case then they will no doubt be able to configure Accept *.* in a text > file. > > TL;DR version, devs please uncomment Reject *.* in the default torrc on all > future releases on Tor. I really think this will cause serious headaches for > well meaning volunteers. > > Tom > > > On 31 August 2013 19:09, Gordon Morehouse <gor...@morehouse.me> wrote: >> >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA512 >> >> The friend was upgrading from Tor 0.2.3.x to Tor 0.2.4.16-rc. I do >> not know whether he used a tarball but I think it likely he used the >> Tor 'experimental' repos as his VPS is Debian-family, and he said "I >> couldn't keep the old config"; thus debconf likely presented him with >> a choice, he accepted the new config, edited as far down as he needed >> to turn relaying on, and that's it. >> >> Since the default exit policy is for a relay to be an exit (without, >> even, the benefit of ReducedExitPolicy), his VPS was shut down in >> about a day as he'd unknowingly turned himself into an exit node. >> >> Partial user error, and partial - as he would argue and so would I - >> bad defaults. This guy is a software engineer who had a derp moment. >> I wonder how many less tech-savvy users may make the same mistake and >> then have a bad time and never relay again (or be subject to law >> enforcement action, particularly in hostile countries). >> >> David Carlson: >> > I am confused by this thread. In fact, the specific downloaded >> > file that the OP is referring to is not named, nor is it mentioned >> > whether it was installed 'as-is' or with a modified configuration. >> > Then a follow-up message refers to TBB, which is not even a relay >> > package. David C >> >> -----BEGIN PGP SIGNATURE----- >> >> iQEcBAEBCgAGBQJSIjFZAAoJED/jpRoe7/ujkPwIALCTA0q7/BAxn3E9cfQdjqpJ >> SrHJGXMmIgQlmC98b1VfpoUmmsaz8dlhHfngl1CW230exhMIKLbkXOMAlzlgIowP >> YfyMmdTkcx7fWg0jvFYUGMEbJP1k5thN+IYWJEQ1Myh67UTgL8gsclNmT4utH4bu >> 96COXJLW8i20iegTmh8qMqEQD0au2bj0Y0iI/dNRqHEF2U/XOIal3yE7HDAUUWPL >> VlmHWOrh6uuKKCp9/iOrmh0ZzVm1TQDQ2eYVdA2ciLHpecAXIIyRFRtXceZRm3Kh >> 7HNqosenW+9ecszGkQc0XZerCVUI/bWAfv1EmrgYbz4PNjZlzCy/RNfc91EgiDU= >> =IdH9 >> -----END PGP SIGNATURE----- >> _______________________________________________ >> tor-relays mailing list >> tor-relays@lists.torproject.org >> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > > > > _______________________________________________ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays