intrigeri:
>> You might be interested in the solution I came up with for Whonix. It's
>> called Control Port Filter Proxy. [1] In essence, "wretch a proxy in
>> between Tor Browser and control port, allow a few hand selected, white
>> listed control port commands, discard the rest". I'd be interested in
>> your thoughts about that as well.
>
> Sure, that's the long-term plan. I was pretty sure we had a ticket
> about it, but not yet apparently, so I created one:
>
> https://labs.riseup.net/code/issues/6384
CPFP works well. While testing this I was able to run tor-arm through it
(with white list disabled, of course, just for testing if proxying the
control port commands works). Also requests from python-stem, which is
rather picky about protocol verification, works through it.
I think it won't leave anyone's wishes for features open, even has a .d
config folder - unless you'd like to see a rewrite in something other
than bash.
So if you like my implementation or have any feature requests, I may be
able to polish it and to host it in its own git repository. Would be
glad if you like it. But please don't ask me for tested Tails patches, I
am not good at that.