From owner-freebsd-hackers@freebsd.org Tue Dec 11 19:14:42 2018 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 9B2471310288 for ; Tue, 11 Dec 2018 19:14:42 +0000 (UTC) (envelope-from atypical@autisticstory.net) Received: from cloud-vps.localdomain (unknown [IPv6:2001:15e8:110:75a::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 02CC2873D8; Tue, 11 Dec 2018 19:14:42 +0000 (UTC) (envelope-from atypical@autisticstory.net) Received: from localhost (localhost [127.0.0.1]) by cloud-vps.localdomain (Postfix) with ESMTP id BFD4D40635; Tue, 11 Dec 2018 20:14:40 +0100 (CET) X-Virus-Scanned: Debian amavisd-new at mail.autisticstory.net Received: from cloud-vps.localdomain ([127.0.0.1]) by localhost (mail.autisticstory.net [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hZg6-oz2dmsR; Tue, 11 Dec 2018 20:14:38 +0100 (CET) Received: from [192.168.1.104] (unknown [83.142.188.79]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: atypical@autisticstory.net) by cloud-vps.localdomain (Postfix) with ESMTPSA id 7DDCA3FD09; Tue, 11 Dec 2018 20:14:38 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=autisticstory.net; s=201807; t=1544555678; bh=UWEfjO6wNIMGJPyhxeKjaoFECGMyThnMh95Ld7KszoA=; h=Subject:To:References:From:Date:In-Reply-To:From; b=lW5jxFFd7DCQaW9Pf74duQJyQindu4Mnc5f5M9TlM3Q+EF/lmjkvjxjlgpvLe5Jva DcZtddH8fgIPFAw5GwOptORUVzhynUtfW5YhqZqoNb3VKeXM5DLUKx6lD5hMG8tGj5 /Xvl/V12NLEB+gvT+L3SkoeIkTWaBEkrn4Q1yGSDcilQF6NvOCqu5LUt562Yhx+Mt4 VTs48XyaDCT5n+qvEbvIioNO/68/mhO0fZlkrWrfn9zTpp7rrVWLES99+dFc3Rvh3T tDBjyhtAt1dPk968e1lsshofLeS8Fv3dfLYnSQd5K6H1KDZDqxxqbFFd5YW6Lp3XAh /XZHpFur61uDjSSea9JiHGCmHuT8akow1wOFQN7Syq5RPd4L9tESyZDh6bIt0Ubqgc V/Xs6HQ3zIzbEcCux6x/Wb9bm4jVtFxtvZrksKNWBXb7k9aF3ifAxoXHyCWnl6FiOV jOGYpe/KTOAO2xC/maA7bRSHfwW5eN4y/KyxIkmwPBUL1HUzAx1lUhvOA1YMFeq1Ns 4TBlWCRv2oyY49RXeCoVRmKmAFfBFJBxzdZVeLxyfSSrjFbDKZz1A6JD/tF0TlBepB 17JrEqZiV8noPyGXnelOpFDoT0kO9ipXHD2XQF4A/oBh2Zr2zGT+Hi653i/tq82pNi tNbmcUvSRF3yQVPM2py5eRRg= Subject: Re: Running Tor service in the jail environment To: Ian Lepore , freebsd-hackers@freebsd.org References: <66526968-1446-c95e-629a-fb9e1b246111@mail.com> <1544543387.1860.347.camel@freebsd.org> <65a5540f-2f1c-0470-b650-cf9fd696ea7a@autisticstory.net> <1544555568.44045.12.camel@freebsd.org> From: Hubert Hauser Openpgp: preference=signencrypt Autocrypt: addr=atypical@autisticstory.net; keydata= xsFNBFvfH1cBEADMaaPj9N4y/pGIYrpYgkmabzCa+3AP/GZH3++d7DLGcVH7cePoCKKANa/F 9LXXACQDMmkdXBPXndUAN1sZmzYiQF+E15G9U9BEx1wBJxMmevGbJ28XGIu8ZTwOcNzIlO5G yhQVbKlfckuIEMFnPhqm863a91UyyQL19/JWnDBfq/DOTmPSc/tWPfWgpJdCsI6zRWreLXCb fwVg4L3prqkJbjVIuPsKS5YBF1eII6ABqcFvlGdZFQaN6Cy/4+pswVQUAaySWG/1tYq9XMbV 6zuBl15l8txRYu0aNdnV6A6900HmeKAWCthw1JMemOggMokxU5OR8dHez0CMPDvSJaXLJr0t wZeOlcK2Z8vSE1IRyvdSbtBKWM6YzfX+hOQzxRGy3qi4Z8Pk1yx9pjtrueM1Fhz3Ag7TQNuv tLMlfYx1PgZyWVNo8K7J/D2jS/Sk6uMkgMfq5D3Ef1sJb8lh2kIxU5mRrlQQof+g/HW9iIP2 qXuylJvwNGpqGX52Hrz17B6tZaRtBnRHV2ZX4dv3LI+msGzjePrYdKPUmjdkPf8ztUps0qMY F93zXL5PEyuv9UmNeJlr+5UCcWWB9w71vSbTCqIIxTzhlQ+09118b//XTYYnolAcFb3KE5iM eMYG67OkmvAjaKFh75TKlGcQNmvX45l4kzl9guyYsysH7knJQQARAQABzSpIdWJlcnQgSGF1 c2VyIDxhdHlwaWNhbEBhdXRpc3RpY3N0b3J5Lm5ldD7CwZQEEwEIAD4WIQRJqW9Zo0ULA/tV 5BgsJbHYs2XiPQUCW98fVwIbIwUJCWYBgAULCQgHAgYVCgkICwIEFgIDAQIeAQIXgAAKCRAs JbHYs2XiPcuXEACsPUZvMEJ7wUfnRr0EEVF3jWCuTSW2cD/HJG2mgwmu0SHDQJTwn5TNUYfv Yt2fBnL6TxnJxz2gjnF7DLuk7Gpo5ABmIjuh41f4NaVIbiBdVhMjueQISSEaaMJTbg4lQpr5 kPR+SWN6om3gff7V2SJ9ZozsVl/wc1wl75ndwk87gxvZJsQxhwIB6JOWCrtnD6SbldDcrKy9 wYGTEKnZpHMQaE5BB/1BADrHICPe4V2GYVTNpV/o7cneVAPSUT/AlUJHvVq6PWEOg7ld/rWq CaW9YbR+/wSikiwY5X7F+yg33G3Ys0mHVuDnWIKhGr24C/n6g3PjWTAdpg3MTBDitYFxjucZ S1luTooCkgYIF04/weV2ghrVOvAYCbtr+oN5mvfR2BwIW6v6SChyHOUMAEYyA2SHOjlNEv7+ Ws9zEHYlYXeTYIc/KMxsSEaVSuXQfsVn5uxMHlbeJ5ypMBDdke9zh6XJ39npgkR2eFHQJIqd 4BTqQbuSJPZllhXYwaeHfMy4ZZf41JFdXLNBXeQqXvnjjugGG0IrsC72OORp9iE+/4zbO/yg BvMD0jWVO94DL/3amH4nMM0RUBXIlo0mBDeuDvB0PIAyw2/fqSuMAmykLI40JoaKIfgeMcyU bv4Ra06Lz8oLXC63T6ZKT655lLU/P1cbgJXiwGjPvjupir9nEs7BTQRb3x9XARAAsz4qZEDX HpJ7s9AJS0YWjMkG2STodEV6XNaNum5BnXUF583vJUeAH9bEGqh0CY+MDXBhs4diLGVbacpe Vzac6UBQYKdwfYeZMuX5TFvPsVBv3XGvrNfhNWFnPlTUA7r9fah4QFNcDX0nRt/y1wtGknb1 JQW3vVRb/Z0q4oemPRw1cZ7yCsgBD1yD6ib13U8VYt6v+jxavS6EKh6hXjb/gUC/KOvsm2t7 UIBV5C0b8O98Dvy5csi5qQx3x0h7IAOvchpJ8i31Ke0s7xaJf2ghW2YqfNZOujtebqbc9/uf wuNOCQkL/yRirWpe7WXGAGUbM2rsqucWWpEKaHEEc5icYEeShJOyESOvRR1aEWeNBbntXMXK KMeUzLwYlqPptTxOWApIPbKJ37fHEG8QJi2H1jyn+NKLzB75GsyydUkmj/dLAuD00OF9Nn5B iJQPNFV58Q7VL99pTBhzXDj/2ZHxnYt0dVnyxE+FEOdklIcwX1PizUwHz01nUyFn+7bjgiFS LE2/5P8p7KDnpZAJgIy06sD2g8CsM4WUzRx4VHvHFkJhEWBA/E7AE+JVdEcyzjrhbM4xPR6i GbbxdvzLkUY5puM9srCnDmEN92k8joV3gFRffd2z7wIC+fYtZAhKqJiPHBaLZRQGDwmqO85x zbZBz8BPcP10JE7I4zjXvQmywgsAEQEAAcLBfAQYAQgAJhYhBEmpb1mjRQsD+1XkGCwlsdiz ZeI9BQJb3x9XAhsMBQkJZgGAAAoJECwlsdizZeI9B3kP/iBhveI7ov5IXgSMUmeMyc0MXrUB S8F4KE6kS4o82MGXPFpJunWM8WFtJwmOt6AmtE49RzuI0tH6RPfumiCFs8oaQxfQIfOw9q1I xKgF2nGRBf40OU69K7p9tKEFhqiJRyoqyTNmdunRbMTKUPobyxbH7RArobq+YaDiu4DKZ43Z W/0yR/Z0OBavE3aXeN2ePX6JM0sF2MWBIyha4lT7va1njcgLjUHzMi0l8XLAYH/YfuDHbi3S g5rDXGuvA/DfjHV3Yup1tdx+u3X65sKmSvQ1E8Ol8QCbxyfcHWResAdBdIrBBtQ6PjTw+bS4 29UCVyUJBP8oDWv3G4F9or+rUZjVxSyVdRIsFMe7+64gcPc8GFiT2ML2WhlK15b/F6qrT/bz eT/LATJUyBhYy5FEgaN1sR0YH6PPj1yOOiFS3shY1frasSZrtQS0uOv1tbR0kC40LRwIjodT CiqqoeocxvmCcSUmdS7sO5dwk5UxqHb0pggicR4FtAi9MsAFgqQLli32uAk3sKcoweuzurGe CRZQ3j54zXYQTXMc5l4ciZrwlt9l58VJvWqJzvBxa9XY7I8Y65FfA0dr+QaGtc85Ahq4LVF4 asP53ZlxwK4U7IQC0eg+LctuAxyoViMmGUu2G4arr4N8lGkiXyzzcP9QkWD0uCaH/Ig2JsC7 sCu5NBfl Message-ID: Date: Tue, 11 Dec 2018 20:13:21 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.3.3 MIME-Version: 1.0 In-Reply-To: <1544555568.44045.12.camel@freebsd.org> Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 7bit Content-Language: en-US X-Virus-Scanned: ClamAV using ClamSMTP X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 11 Dec 2018 19:14:42 -0000 Hi there! > It sounds like a good idea but weren't a better solution use an > open-hardware device acting as Tor router with installed OpenBSD or > HardenedBSD? Why wouldn't you use for it jail environment? I want to > place Tor in the jail environment because I want to prevent system > being > compromised in case compromising Tor service. Ian, thank you for reply about disabling ntpd in jails but you haven't replied for above questions. Cheers, Hubert.