On Thursday, June 2, 2011, Javier Bassi <javierba...@gmail.com> wrote: > > What is think he is trying to say is that if someone finds a security > vulnerability in Tor/Vidalia (this has happened in the past) the > attacker can easily have a list of all IPs running relays, and may > compromise all their machines with his 0day. And also he mention that > even if Tor is chrooted, the attacker can break out of the chroot > jail. This is not as easy as it sounds. To break out of the chroot > jail you need to escalate privileges first and how do you get root > inside a chroot jail? ( Of course if Tor was not running as root)
Fascinating, this does make the argument much more clear. best, Joe -- Joseph Lorenzo Hall ACCURATE Postdoctoral Research Associate UC Berkeley School of Information Princeton Center for Information Technology Policy http://josephhall.org/ _______________________________________________ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk