Skip to content

GitLab

  • Projects
  • Groups
  • Snippets
  • Help
    • Loading...
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in
Trac
Trac
  • Project overview
    • Project overview
    • Details
    • Activity
  • Issues 246
    • Issues 246
    • List
    • Boards
    • Labels
    • Service Desk
    • Milestones
  • Operations
    • Operations
    • Metrics
    • Incidents
  • Analytics
    • Analytics
    • Value Stream
  • Wiki
    • Wiki
  • Members
    • Members
  • Collapse sidebar
  • Activity
  • Create a new issue
  • Issue Boards

GitLab is used only for code review, issue tracking and project management. Canonical locations for source code are still https://gitweb.torproject.org/ https://git.torproject.org/ and git-rw.torproject.org.

  • Legacy
  • TracTrac
  • Issues
  • #3540

Closed (moved)
Open
Opened Jul 07, 2011 by Nick Mathewson@nickm🥄

Limit the number of non-open general circuits

With some proposal 171 options, it's pretty easy for an ill-conceived configuration and a/or a hostile application/server combination to provoke a huge number of circuits. For example, if the user foolishly chooses IsolateDestAddr or IsolateDestPort on a port that they then use for web browsing, a hostile webpage can trivially make Tor try connections to an arbitrarily large number of addresses, or to every possible port.

We could say "Don't do that then", but there's always some genius who wants to ship a "sooper secure" bundle with all the options turned on. So instead, let's have an option to limit the number of general circuits that can be in a "building" state at a time.

This should have a reasonably safe default and a reasonably high maximum.

To upload designs, you'll need to enable LFS and have admin enable hashed storage. More information
Assignee
Assign to
Tor: 0.2.3.x-final
Milestone
Tor: 0.2.3.x-final
Assign milestone
Time tracking
None
Due date
None
Reference: legacy/trac#3540