Use a local socket for tor socks proxy and control channel where available #650
Labels
feature/tor
priority/P5
Not scheduled. Don't anticipate work on this any time soon.
sec-low
security
Comments
tildelowengrimm
added
the
priority/P5
36 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Currently, in browser-laptop, we use a TCP/IP socket on the local interface, say 127.0.0.1:9250, for the tor socks proxy and control channel. Anyone with access to the local TCP/IP interface can connect to the tor socks proxy. To reduce the attack surface, we should use a local socket under ~/.config/brave that requires file system permissions to get at, not just TCP/IP.
This would require teaching Chromium's socks 'URL' abstraction to handle pathnames, not just host:port pairs, as in
socks5:///home/riastradh/.config/brave/tor/socksor something where we currently usesocks5://127.0.0.1:9050.Caveat: I'm not sure this is doable on Windows. If not, we would have to maintain two code paths, including the slightly more complex one in #649, and it may not be worthwhile to do this in addition to #649.
The text was updated successfully, but these errors were encountered: