diff options
| author | Roger Dingledine <arma@torproject.org> | 2009-08-26 15:43:18 -0400 |
|---|---|---|
| committer | Roger Dingledine <arma@torproject.org> | 2009-08-26 15:43:18 -0400 |
| commit | b7e8a4631fecc3b3e241780bf1d735683562fd97 (patch) | |
| tree | 6c53133eee9e2559c327e8e5fd68f5a807658b8b | |
| parent | 5308eceef3e7287f77d7b10065c9f8341c5dd75b (diff) | |
| download | tor-b7e8a4631fecc3b3e241780bf1d735683562fd97.tar.gz tor-b7e8a4631fecc3b3e241780bf1d735683562fd97.zip | |
changelog and spec changes for the .exit fix
| -rw-r--r-- | ChangeLog | 6 | ||||
| -rw-r--r-- | doc/spec/address-spec.txt | 5 |
2 files changed, 10 insertions, 1 deletions
@@ -1,4 +1,10 @@ Changes in version 0.2.2.1-alpha - 2009-08-26 + o Security fixes: + - Start the process of disabling ".exit" address notation, since it + can be used for a variety of esoteric application-level attacks + on users. To reenable it, set "AllowDotExit 1" in your torrc. Fix + on 0.0.9rc5. + o New directory authorities: - Set up urras (run by Jacob Appelbaum) as the seventh v3 directory authority. diff --git a/doc/spec/address-spec.txt b/doc/spec/address-spec.txt index fdae9b82a4..2e1aff2b8a 100644 --- a/doc/spec/address-spec.txt +++ b/doc/spec/address-spec.txt @@ -33,10 +33,13 @@ "www.google.com.foo.exit=64.233.161.99.foo.exit" to speed subsequent lookups. + The .exit notation is disabled by default as of Tor 0.2.2.1-alpha, due + to potential application-level attacks. + EXAMPLES: www.example.com.exampletornode.exit - Connect to www.example.com from the node called "exampletornode." + Connect to www.example.com from the node called "exampletornode". exampletornode.exit |