diff options
| author | Nick Mathewson <nickm@torproject.org> | 2012-03-08 15:42:54 -0500 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2012-03-08 15:42:54 -0500 |
| commit | ec8a06c5a17c1c4c0b5ff17e73810d98fcdf949b (patch) | |
| tree | ec2c9160d4c5a3c4c1ccf4936174c7968f900730 /changes | |
| parent | fe50b676bc905c527254d0bbd1f7c36d41512efe (diff) | |
| download | tor-ec8a06c5a17c1c4c0b5ff17e73810d98fcdf949b.tar.gz tor-ec8a06c5a17c1c4c0b5ff17e73810d98fcdf949b.zip | |
Require a threshold of exit nodes before building circuits
This mitigates an attack proposed by wanoskarnet, in which all of a
client's bridges collude to restrict the exit nodes that the client
knows about. Fixes bug 5343.
Diffstat (limited to 'changes')
| -rw-r--r-- | changes/bug5343 | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/changes/bug5343 b/changes/bug5343 new file mode 100644 index 0000000000..e4e14897f6 --- /dev/null +++ b/changes/bug5343 @@ -0,0 +1,7 @@ + o Security fixes: + - Only build circuits if we have a sufficient threshold of the total + descriptors marked in the consensus with the "Exit" flag. This + mitigates an attack proposed by wanoskarnet, in which all of a + client's bridges collude to restrict the exit nodes that the + client knows about. Fixes bug 5343. + |