[tahoe-lafs-trac-stream] [Tahoe-LAFS] #4031: In privacy mode, only explicitly allowed TCP/UDP connections should happen
Tahoe-LAFS
trac at tahoe-lafs.org
Wed May 24 14:25:48 UTC 2023
#4031: In privacy mode, only explicitly allowed TCP/UDP connections should happen
----------------------+------------------------------------------
Reporter: itamarst | Owner:
Type: defect | Status: new
Priority: normal | Milestone: HTTP Storage Protocol v2
Component: unknown | Version: n/a
Keywords: | Launchpad Bug:
----------------------+------------------------------------------
If Tahoe is configured in private IP mode (Tor, I2P, or some future mode)
there is the possibility of random parts not respecting this. E.g. HTTP
storage protocol had this issue until #4029.
One solution is to have the core networking APIs, i.e. the reactor, setup
such that connections are only allowed to the entry point to Tor/I2P, and
all other connections fail. If e.g. the introducer was switched to a HTTP
protocol, and it had the same flaw as the HTTP storage protocol of not
respecting Tor, this enforcement would cause it to fail to work, rather
than silently violating privacy guarantees.
--
Ticket URL: <https://tahoe-lafs.org/trac/tahoe-lafs/ticket/4031>
Tahoe-LAFS <https://Tahoe-LAFS.org>
secure decentralized storage
More information about the tahoe-lafs-trac-stream
mailing list