On 03/25/2012 01:57 PM, Maxim Kammerer wrote:
> On Sun, Mar 25, 2012 at 17:40, intrigeri <intrigeri@???> wrote:
>>> Could you please share a Privoxy configuration you trust to be safe
>>> using with Tor?
>
> I still don't understand why would anyone trust Tor developers to
> correctly configure Privoxy.
> E.g., on https://trac.torproject.org/projects/tor/wiki/doc/TorFAQ#WhydoweneedPolipoorPrivoxywithTorWhichisbetter:
> "it needs to see the entire page to parse it, before sending it on to
> the browser".
>
The first part of the FAQ is the most important:
"Why a HTTP proxy at all?"
> This incorrect remark can mean only one thing: whoever wrote that
> sentence didn't read the manual. For a decent configuration, see
> src/etc/privoxy in Liberté's git, which includes Referer/Host header
> rewriting for .exit notation support, for instance.
>
It's a wiki. Feel free to update it?
I looked at your config (
https://github.com/mkdesu/liberte/blob/master/src/etc/privoxy/config )
and it looks like the following:
confdir /etc/privoxy
logdir /var/log/privoxy
actionsfile match-all.action # Actions that are applied to
all sites and maybe overruled later on.
# Ad-blocking is done in browsers nowadays, and removing
# page blocking and content manipulation from Privoxy makes
# it more robust (e.g., for cables communication).
# actionsfile default.action # Main actions file
# actionsfile user.action # User customizations
# filterfile default.filter # Main filters file
filterfile user.filter # User filters file
logfile privoxy.log
listen-address 127.0.0.1:8118
toggle 1
enforce-blocks 0
buffer-limit 4096
forward-socks5 / 127.0.0.1:9050 .
forward-socks5 check.torproject.org 127.0.0.1:9050 .
forward-socks5 torcheck.xenobite.eu 127.0.0.1:9050 .
forward-socks5 .onion 127.0.0.1:9050 .
forward-socks5 .exit 127.0.0.1:9050 .
forward .i2p 127.0.0.1:4444
forward .i2p:443 127.0.0.1:4445
forward *AAAA/ 127.0.0.1:4444
forward *AAAA:443/ 127.0.0.1:4445
forward 127.0.0.1/ .
forward localhost/ .
forward liberte/ .
# forward 192.168.*.*/ .
forwarded-connect-retries 2
accept-intercepted-requests 0
keep-alive-timeout 5
socket-timeout 300
# EOF
It seems like your config tampers with the requests pretty heavily and
the support of .exit should probably be disabled. I also think it is
dangerous to support both i2p and Tor with the same privoxy config. It
seems like it should be possible to construct a single webpage that
attempts to link i2p and Tor usage via HTTP and thus fingerprints the
user as using Liberté... No?
If I was going to make your config more generic, I'd probably remove the
filters to reduce the attack surface and to simply make it an HTTP shim:
#Begin
confdir /etc/privoxy
logdir /var/log/privoxy
logfile privoxy.log
listen-address 127.0.0.1:8118
toggle 1
enforce-blocks 0
buffer-limit 4096
forward-socks4a / 127.0.0.1:9050 .
forward-socks5 / 127.0.0.1:9050 .
forward-socks5 .onion 127.0.0.1:9050 .
forwarded-connect-retries 2
accept-intercepted-requests 0
keep-alive-timeout 5
socket-timeout 300
#EOF
All the best,
Jacob
