Re: [Tails-dev] A quick look at uwt

Nachricht löschen

Nachricht beantworten
Autor: intrigeri
Datum:  
To: adrelanos
CC: tails-dev
Betreff: Re: [Tails-dev] A quick look at uwt
Hi,

great to see many isues fixed! See more comments bellow.

adrelanos wrote (04 Sep 2012 15:35:03 GMT) :
> Confirmed. Now using other folder ""$HOME"/.torsocks_temp/..." [...]
> Feedback welcome.


I think you really should not try to reinvent mktemp(1).

>> Buggy handling of wrapped commands whose arguments contain spaces

[...]
> Confirmed. I don't know how to fix it. Ideas?


The answer might emerge from that question of mine:

>> (is going through getopt necessary for the wrapped command at
>> all?):


If the answer is "yes", then I suggest having a look at the various
options offered by getopt for whitespace / command-line words parsing.

>> Confusing message (actual behavior looks good, though):


> Confirmed. Fixed. Changed to 'echo "uwt: localhost detected.
> Not using torsocks."' and open for suggestions. I change it to
> anything you suggest.


"not using torsocks" vs. "exec torsocks ..." is still
self-contradicting and confusing. Sorry if I was not clear from
the beginning.

>> (and probably fragile) parsing of wrapped command -- I find this
>> to be a bit scary, as it silently assumes every occurrence of
>> these strings in a wrapped command line means that the user wants
>> to connect to localhost, which might not be the case:
>>
>> case "$*" in *127.0.0.1*) *localhost*)


> Confirmed. No idea how this could be done better.


> A -l for localhost option wouldn't make sense as uwt's main purpose is
> to be used by wrappers. The magic "add stream isolation for non socks
> aware applications with uwt hack while not breaking localhost
> connections and while the user does not have to care about" does not
> work so well. Open for suggestions.


If you're happy to see semi-random commands (try to?) connect to the
Internet directly, that is without going through Tor, then I suggest
configuring torsocks to accept connections to localhost, and not try
to guess (by fuzzy parsing command-line) if it should go through Tor
or not. Depends on your threat model and system-wide design, mostly,
and I admit I don't know the AOS' one enough to say anything about it.

However, even if the current state of uwt fits AOS, I have to say
I find it a bit scary to suggest [0] random users to use uwt in the
current state of things: reading that page, they might think uwt will
torify every command they wrap that connects to the Internet, and not
randomly let it go through in the clear if it happens to contain this
or that hardcoded string. Sorry if I missed something here.

[0] https://trac.torproject.org/projects/tor/wiki/doc/torsocks#uwt

Cheers,
--
intrigeri
| GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
| OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc