On Wed, Jun 18, 2014 at 9:34 PM, Zack Weinberg <za...@cmu.edu> wrote: > If the process listening on port 80 is the Tor process, then any > vulnerability in the HTTP service it presents to port 80 can be > exploited for a direct attack on the relay itself. If port 80 service > is provided by a separate program (e.g. lighttpd) running under a > different user ID, then an exploit of *that* program may not be able > to affect the relay. That's all I meant. (The Wikipedia article is > talking about a related thing, but not really the same.)
Yes, clear now, thanks for the explanation. -- http://about.me/alexanderfortin _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays