accepted
merge request
!23
"Fix Guard count in count-relay.py"
at
The Tor Project / Network Health / helper-scripts
opened
merge request
!23
"Fix Guard count in count-relay.py"
at
The Tor Project / Network Health / helper-scripts
commented on
issue #24
"TOR-013 pen-torproject#13: helper-scripts - Newline Injection in badconf-entry due to insecure Fingerprint validation"
at
The Tor Project / Network Health / helper-scripts
Added time spent in September
commented on
issue #23
"TOR-014 pen-torproject#14: helper-scripts - Limited File Read in badconf-entry due to insecure Fingerprint validation via symlinks"
at
The Tor Project / Network Health / helper-scripts
Added time spent in September
accepted
merge request
!22
"chg: Do not follow symlinks reading the input file"
at
The Tor Project / Network Health / helper-scripts
closed
issue
#23
"TOR-014 pen-torproject#14: helper-scripts - Limited File Read in badconf-entry due to insecure Fingerprint validation via symlinks"
at
The Tor Project / Network Health / helper-scripts
closed
issue
#24
"TOR-013 pen-torproject#13: helper-scripts - Newline Injection in badconf-entry due to insecure Fingerprint validation"
at
The Tor Project / Network Health / helper-scripts
accepted
merge request
!21
"chg: Validate input fp"
at
The Tor Project / Network Health / helper-scripts
-
ae20bb66 · Merge remote-tracking branch 'gitlab/merge-requests/22'
- ... and 2 more commits. Compare 1968d43d...ae20bb66
opened
merge request
!22
"chg: Do not follow symlinks reading the input file"
at
The Tor Project / Network Health / helper-scripts
opened
merge request
!21
"chg: Validate input fp"
at
The Tor Project / Network Health / helper-scripts
commented on
issue #23
"TOR-014 pen-torproject#14: helper-scripts - Limited File Read in badconf-entry due to insecure Fingerprint validation via symlinks"
at
The Tor Project / Network Health / helper-scripts
Estimate: 40min * 1.5 (moderate uncertainty)
commented on
issue #23
"TOR-014 pen-torproject#14: helper-scripts - Limited File Read in badconf-entry due to insecure Fingerprint validation via symlinks"
at
The Tor Project / Network Health / helper-scripts
Ah, we should check whether the symlink issue also applies to margot. I do know that margot does check the fingerprint.
commented on
issue #24
"TOR-013 pen-torproject#13: helper-scripts - Newline Injection in badconf-entry due to insecure Fingerprint validation"
at
The Tor Project / Network Health / helper-scripts
Estimate: 20min * 1.5 (moderate uncertainty)
commented on
issue #23
"TOR-014 pen-torproject#14: helper-scripts - Limited File Read in badconf-entry due to insecure Fingerprint validation via symlinks"
at
The Tor Project / Network Health / helper-scripts
Yes, same comment applies. It has 1 more thing than #24 (closed), that is the symlink check, but still easy.
commented on
issue #24
"TOR-013 pen-torproject#13: helper-scripts - Newline Injection in badconf-entry due to insecure Fingerprint validation"
at
The Tor Project / Network Health / helper-scripts
Yes, it's easy enough and yes, we can argue we're switching to margot... We can do both.
commented on
issue #23
"TOR-014 pen-torproject#14: helper-scripts - Limited File Read in badconf-entry due to insecure Fingerprint validation via symlinks"
at
The Tor Project / Network Health / helper-scripts
#24 (comment 2938171) applies here as well, I think.