[tahoe-lafs-trac-stream] [tahoe-lafs] #982: grsec disallows tahoe from learning its own IP address
tahoe-lafs
trac at tahoe-lafs.org
Thu Jun 16 22:24:25 PDT 2011
#982: grsec disallows tahoe from learning its own IP address
-------------------------+----------------------------
Reporter: ioerror | Owner: warner
Type: defect | Status: new
Priority: minor | Milestone: undecided
Component: code | Version: 1.6.0
Resolution: | Keywords: security grsec
Launchpad Bug: |
-------------------------+----------------------------
Comment (by ioerror):
I think it's fine to learn your own IP address but not by attempting to
read from /proc/ or using any tools on the system that may read from /proc
or other such subsystems such as /sys.
An idea: Allow Tahoe to learn it's own likely IP address by talking to
another peer or checking for a configuration option. Thus a user can
manually set the tub.location or Tahoe can learn it from the introducer;
In Tor, we allow any OR to talk to another OR and ask for it's own IP
address. This peer IP is often correct. The OR then attempts to connect
back to test if it has incoming ports filtered or open. That may also be
quite useful for Tahoe.
--
Ticket URL: <http://tahoe-lafs.org/trac/tahoe-lafs/ticket/982#comment:7>
tahoe-lafs <http://tahoe-lafs.org>
secure decentralized storage
More information about the tahoe-lafs-trac-stream
mailing list