On Tue, Mar 4, 2014 at 10:13 AM, David Goulet <[email protected]> wrote:
> On 04 Mar (08:36:13), Nick Mathewson wrote:
>> On Mar 4, 2014 4:26 AM, "Lunar" <[email protected]> wrote:
>> >
>> > David Goulet:
>> > > After a big code review from Nick and help from a lot of people
>> > > contributing and testing, this is the release candidate 4 for the new
>> > > torsocks.
>> >
>> > I was about to push the new version to Debian experimental, but it just
>> > breaks my SSH configuration too badly.
>> >
>> > The new version forbids listen() and accept().
>> >
>> > That means that at least the SSH options ControlMaster, LocalForward, and
>> > DynamicForward will not work. Being able to multiplex connections
>> > (ControlMaster) is pretty crucial to keep sanity when working over
>> > hidden services. Forwarding options allow a simple way to tunnel TCP
>> > connections to a remote system through SSH over Tor.
>> >
>> > I am not sure what the right move is here. Perhaps allowing listen on
>> > Unix sockets and localhost? Or maybe allowing listen() entirely?
>>
>> Those sound like good candidates for options. I think that listen-local is
>> probably safe*, but arbitrary listen is broken in enough use cases that it
>> should IMO be off by default.
>
> I agree here that this should not break ssh -L. What I propose is an
> option that allows torsocks to accept inbound connections, thus
> listen()/accept().
>
> An option in the configuration file and an environment variable also
> (which adds a command line option to torsocks as well). What about
> "AllowInbound" or "AllowListen" or "AcceptListen", off by default?
AllowInbound is probably okay, though I still think that "allow inbound locally only" is a good idea. (Could we implement that by checking getsockname() on the socket before the call to listen(), to make sure that it was localhost or unix?)

-- 
Nick

_______________________________________________
tor-dev mailing list
[email protected]
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
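The getsockname()-before-listen() check Nick sketches above, written out as an added example. This is not torsocks code and not from anyone on the thread; the function names listen_is_local(), checked_listen() and make_bound_tcp4(), and the allow_inbound flag standing in for the proposed AllowInbound option, are all assumptions made here for illustration. It treats AF_UNIX sockets and sockets bound to a loopback address (127.0.0.0/8, ::1, or IPv4-mapped ::ffff:127.x.x.x) as local; everything else, including the wildcard address that an unbound TCP socket reports (and that listen() would implicitly bind it to), is refused with EPERM unless inbound connections have been allowed.

```c
#include <stdio.h>
#include <string.h>
#include <errno.h>
#include <unistd.h>
#include <sys/socket.h>
#include <sys/un.h>
#include <netinet/in.h>
#include <arpa/inet.h>

/* Returns 1 if sockfd is an AF_UNIX socket or is bound to a loopback
 * address, 0 if it is bound anywhere else (an unbound AF_INET socket reports
 * 0.0.0.0, which is the wildcard, so it is rejected too), and -1 if
 * getsockname() itself fails (errno is left as getsockname() set it). */
int listen_is_local(int sockfd)
{
    struct sockaddr_storage ss;
    socklen_t len = sizeof(ss);

    memset(&ss, 0, sizeof(ss));
    if (getsockname(sockfd, (struct sockaddr *)&ss, &len) < 0)
        return -1;

    switch (ss.ss_family) {
    case AF_UNIX:
        return 1;
    case AF_INET: {
        const struct sockaddr_in *in = (const struct sockaddr_in *)&ss;
        /* Whole 127.0.0.0/8 block is loopback, not just 127.0.0.1. */
        return ((ntohl(in->sin_addr.s_addr) >> 24) == 127) ? 1 : 0;
    }
    case AF_INET6: {
        const struct sockaddr_in6 *in6 = (const struct sockaddr_in6 *)&ss;
        if (IN6_IS_ADDR_LOOPBACK(&in6->sin6_addr))
            return 1;
        /* ::ffff:127.x.x.x on a dual-stack socket is loopback as well. */
        if (IN6_IS_ADDR_V4MAPPED(&in6->sin6_addr))
            return (in6->sin6_addr.s6_addr[12] == 127) ? 1 : 0;
        return 0;
    }
    default:
        return 0;   /* other families: not something an SSH tunnel needs */
    }
}

/* Hypothetical policy wrapper around listen(). allow_inbound plays the role
 * of the proposed AllowInbound option. In a real LD_PRELOAD shim this logic
 * would sit inside the interposed listen() symbol and forward to the libc
 * listen() fetched with dlsym(RTLD_NEXT, "listen"); here it calls libc
 * directly so the file builds stand-alone. */
int checked_listen(int sockfd, int backlog, int allow_inbound)
{
    if (!allow_inbound) {
        int local = listen_is_local(sockfd);
        if (local < 0)
            return -1;          /* errno from getsockname() */
        if (local == 0) {
            errno = EPERM;      /* non-local listen denied by policy */
            return -1;
        }
    }
    return listen(sockfd, backlog);
}

/* Demo helper: TCP socket bound to the given IPv4 address on an ephemeral
 * port. Returns the descriptor or -1. */
int make_bound_tcp4(const char *ip)
{
    struct sockaddr_in sin;
    int fd = socket(AF_INET, SOCK_STREAM, 0);
    if (fd < 0)
        return -1;
    memset(&sin, 0, sizeof(sin));
    sin.sin_family = AF_INET;
    sin.sin_port = 0;
    if (inet_pton(AF_INET, ip, &sin.sin_addr) != 1 ||
        bind(fd, (struct sockaddr *)&sin, sizeof(sin)) < 0) {
        close(fd);
        return -1;
    }
    return fd;
}

int main(void)
{
    int lo = make_bound_tcp4("127.0.0.1");   /* what ssh -L / ControlMaster use */
    int any = make_bound_tcp4("0.0.0.0");    /* what a GatewayPorts-style bind looks like */
    int un = socket(AF_UNIX, SOCK_STREAM, 0);

    printf("127.0.0.1 listen: %d\n", checked_listen(lo, 5, 0));
    printf("0.0.0.0 listen:   %d (%s)\n", checked_listen(any, 5, 0), strerror(errno));
    printf("AF_UNIX local?    %d\n", listen_is_local(un));
    printf("0.0.0.0 listen with AllowInbound: %d\n", checked_listen(any, 5, 1));

    close(lo); close(any); close(un);
    return 0;
}
```

Doing the check on the bound address rather than on the interface list means a socket the application never bound is refused as well, which is the safe direction: a bare listen() on such a socket would otherwise pick the wildcard address and expose the port outside the host.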
