Warn on nonlocal addresses in configuration, PT results (!2454) · Merge requests · The Tor Project / Core / Arti

Nick Mathewson requested to merge nickm/arti:warn_on_nonlocal into main Sep 25, 2024

With this branch we warn if we're listening for socks or dns on non-local addresses; we warn if we are configured with a non-local PT; and we reject any PTs that tell us they are running non-locally.

(The managed PT case is not a security hole, since PTs are trusted with our traffic anyway, and could just as easily relay it to a non-local address itself.)

Initial solution for #1636

Warn on nonlocal addresses in configuration, PT results

Merge request reports