Bug#797335: marked as done (tor: should open a Unix-domain SOCKSPort by default)

[Debian Bug Tracking System]

Your message dated Sat, 23 Apr 2016 18:06:20 +0000
with message-id <e1au1wi-0000y6...@franck.debian.org>
and subject line Bug#797335: fixed in tor 0.2.8.2-alpha-1
has caused the Debian Bug report #797335,
regarding tor: should open a Unix-domain SOCKSPort by default
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
797335: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=797335
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---

Package: tor
Version: 0.2.6.10-1
Severity: wishlist

There are various Debian programs that assume tor is running on port
9050, and send data to it.  This is inappropriate because the port can
be bound by any unprivileged user if tor is not running (or they can
crash it).  I'll file bugs separately for any programs I see doing this.

SOCKSPort supports Unix-domain sockets now.  The default torrc should
open one, to give programs a safe default.  E.g.,
  SOCKSPort unix:/var/run/tor-socks
Opening an extra TCP port below 1024 could be useful for programs with
no AF_LOCAL support.  I've been using 905.

- Michael


-- System Information:
Debian Release: stretch/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: arm64

Kernel: Linux 4.1.0-1-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)

Versions of packages tor depends on:
ii  adduser              3.113+nmu3
ii  init-system-helpers  1.23
ii  libc6                2.19-19
ii  libevent-2.0-5       2.0.21-stable-2
ii  libseccomp2          2.2.3-1
ii  libssl1.0.0          1.0.2d-1
ii  libsystemd0          224-2
ii  lsb-base             4.1+Debian14
ii  zlib1g               1:1.2.8.dfsg-2+b1

Versions of packages tor recommends:
ii  logrotate    3.8.7-2
ii  tor-geoipdb  0.2.6.10-1
ii  torsocks     2.1.0-1

Versions of packages tor suggests:
pn  apparmor-utils       <none>
pn  mixmaster            <none>
ii  obfs4proxy           0.0.5-2
ii  obfsproxy            0.2.13-1
ii  socat                1.7.3.0-1
ii  tor-arm              1.4.5.0-1.1
ii  torbrowser-launcher  0.2.0-2

-- Configuration Files:
/etc/tor/torrc changed:
SocksPort 127.0.0.1:900 SessionGroup=900
SocksPort 127.0.0.1:901 SessionGroup=901
SocksPort 127.0.0.1:902 SessionGroup=902
SocksPort 127.0.0.1:903 SessionGroup=903
SocksPort 127.0.0.1:904 SessionGroup=904
SocksPort 127.0.0.1:905 SessionGroup=905
SocksPort 127.0.0.1:906 SessionGroup=906
SocksPort 127.0.0.1:907 SessionGroup=907
SocksPort 127.0.0.1:908 SessionGroup=908
SocksPort 127.0.0.1:909 SessionGroup=909
SocksPolicy accept 74.116.186.120/29
SocksPolicy accept 172.23.0.0/18
SocksPolicy accept 127.0.0.1/32
SocksPolicy reject *
HiddenServiceDir /var/lib/tor/hidden-ssh/
HiddenServicePort 22 127.0.0.1:22
HiddenServiceAuthorizeClient basic terra-mgold
ORPort 443
ORPort 143               # imap
ORPort 3690 NoAdvertise  # subversion
ORPort 8001 NoAdvertise
ORPort 389 NoAdvertise   # ldap
Address 74.116.186.120
Nickname terra
RelayBandwidthRate 75 KBytes
RelayBandwidthBurst 95 KBytes
ContactInfo 4096R/BA8239D3BD1DE48C
ExitPolicy reject *:* # no exits allowed


-- no debconf information

signature.asc
Description: Digital signature

--- End Message ---

--- Begin Message ---

Source: tor
Source-Version: 0.2.8.2-alpha-1

We believe that the bug you reported is fixed in the latest version of
tor, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 797...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Peter Palfrader <wea...@debian.org> (supplier of updated tor package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sat, 23 Apr 2016 19:59:43 CEST
Source: tor
Binary: tor tor-dbg tor-geoipdb
Architecture: source all
Version: 0.2.8.2-alpha-1
Distribution: experimental
Urgency: medium
Maintainer: Peter Palfrader <wea...@debian.org>
Changed-By: Peter Palfrader <wea...@debian.org>
Description: 
 tor - anonymizing overlay network for TCP
 tor-dbg - debugging symbols for Tor
 tor-geoipdb - GeoIP database for Tor
Closes: 797335
Changes:
 tor (0.2.8.2-alpha-1) experimental; urgency=medium
 .
   * New upstream version.
   * apparmor profile: Allow reading of /var/lib/tor to the process.
     This is required by new tor versions (closes: Tor#18370).
   * Set SocksPort unix:/var/run/tor/socks and 9050 in the defaults file
     (closes: #797335).
     - For non-default instances, use /var/run/tor-instances/@@NAME@@/socks.
     - Make /var/run/tor mode 755 (from 750).  Same for the instance run
       directories.
     - Use the RelaxDirModeCheck option for the control unix domain socket
       so that works.
     - tor-instance-create: in the torrc we create, append to the SocksPort
       list using + instead of overriding what is configured in the defaults
       file.
     - apparmor: allow reading of {/var,}/run/tor, and writing of
       {/var,}/run/tor/socks.
Checksums-Sha256: 
 ede63e84711cb6e083506154cdae382dc8633240c91d88eacac913c646b07b6d 1887 
tor_0.2.8.2-alpha-1.dsc
 4756a04dea76395f5caf89de3cd75f05cc8d43576ef0f966cea9259b16eb1628 5073910 
tor_0.2.8.2-alpha.orig.tar.gz
 82bc011342932c05ea45daf6e3a23bd2708231869cffb05eaec6c02e019e278a 39496 
tor_0.2.8.2-alpha-1.diff.gz
 5c7815b5d94910886a8079ab4de1eccd8441641b4b9a82431454d7f6dbd0072e 907906 
tor-geoipdb_0.2.8.2-alpha-1_all.deb
Checksums-Sha1: 
 18307c2270fd34a128db5390feed0a7a34e489fe 1887 tor_0.2.8.2-alpha-1.dsc
 11f2cbecb82bc7784f5bc32d611a33af43751a0d 5073910 tor_0.2.8.2-alpha.orig.tar.gz
 a50381bd3356d1ed56d68acb16481055f70bd65b 39496 tor_0.2.8.2-alpha-1.diff.gz
 5a443c58cce6309bdd70e036d568b07a3cbe45b7 907906 
tor-geoipdb_0.2.8.2-alpha-1_all.deb
Files: 
 507d2739768ef5cce87905ab2d07c7f7 1887 net optional tor_0.2.8.2-alpha-1.dsc
 24e905f1bcaa42f0a9e278c5ecc2699d 5073910 net optional 
tor_0.2.8.2-alpha.orig.tar.gz
 1b6e87fbb4e7ba156c5623fcf0585ae9 39496 net optional tor_0.2.8.2-alpha-1.diff.gz
 29856dcdaecb83624afccb99597c7628 907906 net extra 
tor-geoipdb_0.2.8.2-alpha-1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQEcBAEBCAAGBQJXG7gdAAoJEIYCyCA4cjMfOnYIALiWJhUut0q9Ndjrz/eih11l
+95UPmORcKLlrPO87WACb6glTy2/6C0S0kTODiexl4OmAFHY7ADLAh0esp2vg3R0
IbWNu8sDa9XUjanBHzVr7xcmOeZjLQ9envpKAaNLqyaesi+r19sfcG+eRNjd8He4
HYrI4dujIXeGgjXdL64rNOQqn+gt4sq7L3c45Rs0krnswaeaiE3+UnAOmlB6OetD
yQSkFdU6KQclFOR6DuZ5QFhGGa+7KYAT8iskF5eS6WkmOhqHrnYWhZ/O9dqRMIHo
ttQk0oqLdNqGgkKl9w+4EGsenuKBcTAteXhvC7ioazKker3ygwrg1TWvOP8nPnk=
=tL/x
-----END PGP SIGNATURE-----

--- End Message ---