Kyle Williams wrote: > On Nov 8, 2007 4:00 PM, Jefferson Iblis <[EMAIL PROTECTED]> wrote: >> Seems the simplest solution would be to, by default, disallow Tor from >> accessing the local network, including what it discovers to be its >> externally accessible IP. Then anyone who wants to allow local access >> can explicitly turn on whatever they think is appropriate. >> > > Exactly. >
There are two issues. One is the concept of exit enclaves and another is privileged authorization based on a specific source ip. Regarding enclaves, an option for operators might be nice. You seem to think that it is very important to disable this type of preferential routing. I disagree. Still an option would allow people to address what you're discussing. Such an option could be: DisallowExitEnclave True This means that servers would operate as they do today and people could address that issue if they care to do so. It makes sense to me that the option would only address the issue of exit enclaves. I'd personally like to see exit enclaving enabled as it is today. With that said... As it stands today, any operator can modify their exit policy if they want to effectively disable exit enclaving. Modification to the exit policy would probably also address the unintended consequences you've voiced concern about. Regarding the second issue of privileged authorization based on source ips, Tor can't solve this problem. It's outside of the scope of the the Tor server itself. Furthermore it's possible that it's *intended* and the method of blocking would draw attention. If you take issue with this, contact the node operators in question. Regards, Jacob
