This document should specify why anyone would want to use a control port filter daemon, expressing the possibility for leakage of publicly routeable ip etc. But also I think we should express the idea that filesystem permissions in debian tor restrict access to the tor control port unix domain socket... and we suggest that none of the applications using the tor control port should be in the debian-tor group or otherwise have direct access to the tor process's control port. But instead we'll make custom filter rules for each application that needs to use the control port which thereby offers some amount of protection against apps behaving maliciously, in accordance with the principal of least authority. ;-p
david415
commented
8 years ago
This document should specify why anyone would want to use a control port filter daemon, expressing the possibility for leakage of publicly routeable ip etc. But also I think we should express the idea that filesystem permissions in debian tor restrict access to the tor control port unix domain socket... and we suggest that none of the applications using the tor control port should be in the debian-tor group or otherwise have direct access to the tor process's control port. But instead we'll make custom filter rules for each application that needs to use the control port which thereby offers some amount of protection against apps behaving maliciously, in accordance with the principal of least authority. ;-p