On 5/3/12 7:26 PM, unknown wrote: > On Wed, 2 May 2012 22:43:52 +0000 > Robert Ransom <rransom.8...@gmail.com> wrote: > >> See >> https://blog.torproject.org/blog/firefox-security-bug-proxy-bypass-current-tbbs >> for the security advisory. >> >> >> Robert Ransom >> _______________________________________________ >> tor-talk mailing list >> tor-talk@lists.torproject.org >> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk > > > Any potential DNS-leakage can be prevented with iptables (Debian GNU/Linux > way):
Well, this can also be prevented if the "starter" of TBB would be a binary/executable rather than a shell script, and that binary executable would provide "LD_PRELOAD" tsocks like approach wrapping the connect(). That way the entire TBB will run over the TBB_STARTER that will provide an "application-level" firewall that would prevent any kind of socket API to get-out directly. -naif _______________________________________________ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk