Onion Circuits should connect via the Tor control port filter
One of my main motivations to remove Vidalia is to get rid of this “one X application has full control over Tor” situation, so it would be good if Tor Monitor was only allowed to get the information it needs, as opposed to being allowed to do everything such as configure a well-chosen set of M attacker-controlled bridges and de-anonymize the user (with precision = N bits, given N total bridges controlled by the attacker).
As of 20150220, Tor Monitor directly uses:
- GETINFO circuit-status
- GETINFO stream-status
- GETINFO ip-to-country
It also uses Stem, that probably sends more control commands to Tor.
Feature Branch: feature/7870-include_onionshare
Related issues
- Related to #9366 (closed)
- Related to #9365
- Related to #8927
- Related to #6742 (closed)
- Related to #11542 (closed)
- Related to #11826 (closed)
- Has duplicate #10058 (closed)
- Blocks #11197 (closed)
Original created by @intrigeri on 9001 (Redmine)