From owner-freebsd-hackers@freebsd.org Tue Dec 11 19:15:59 2018 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id EEEE013103D1 for ; Tue, 11 Dec 2018 19:15:58 +0000 (UTC) (envelope-from ian@freebsd.org) Received: from outbound3d.ore.mailhop.org (outbound3d.ore.mailhop.org [54.186.57.195]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 74EAA87507 for ; Tue, 11 Dec 2018 19:15:58 +0000 (UTC) (envelope-from ian@freebsd.org) ARC-Seal: i=1; a=rsa-sha256; t=1544555736; cv=none; d=outbound.mailhop.org; s=arc-outbound20181012; b=l6KnlCGKkbgmit8Z9ibyaqdY6xroVr87VMHVU/E4WNC2apG0snEKpaV1GIun0Ok8etLD8iRoi9Lgq DvlF41bVQW4fdTU0CzNfw3eY/8BtHYQFCiIfcflH9DbqrDPNQME9WdXInQM9F07yCTcf/iI8+Q+Kdo XoGLzC+kdVugETrQ1mF+RfnhVxjl543muZbzUDctGsKBs7FA3+JbcT8X8VG8PWViDNNFAaJTMWYqdr bdOAJWNztZNh9Oh979RVXhEB6LsCGjuJC1yPBaOO73XBl0Fk1rtnZvnlqnw6y45Yrva0Ws24/DvD+m USZctTUfIqDEh5LXqmaEPXAja2JTWCw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=outbound.mailhop.org; s=arc-outbound20181012; h=content-transfer-encoding:mime-version:content-type:references:in-reply-to: date:to:from:subject:message-id:dkim-signature:from; bh=dPYH9NKLMzespEA+4evCi3SRXJw67sSGr7KDhqRrr0o=; b=ro4BG/s8lCOo8460gQofFJgZ2UT5hMjX5CMl/QptNYrD04HBQIyyBpAgNDaCQQuVnx33OeUuChly/ xyDdarh0YdPizARe0hHhdP9bZrW/uCp/AVKUNKKoaPSljqyHaqXl+6muYA/KiFzxWZkmo7+eFO/2c3 FPcCB2Jv6CVgpAPWXeqW9Tje1rZw1RfQs+Ke4XTNlhXrGWi2vgZq0WgcRUt/4njP8ZYIp74xcdDS55 m15R4foTaKzZXDxhx+ZejcIUBDhV5ke5RMEAvRbuwUu5Fq9RjyG0aZvPYb3s9k4gyQX44t60BQ4pqT 3By4aTAZcb9aujuesGbOJLRS90DKQog== ARC-Authentication-Results: i=1; outbound3.ore.mailhop.org; spf=softfail smtp.mailfrom=freebsd.org smtp.remote-ip=67.177.211.60; dmarc=none header.from=freebsd.org; arc=none header.oldest-pass=0; DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outbound.mailhop.org; s=dkim-high; h=content-transfer-encoding:mime-version:content-type:references:in-reply-to: date:to:from:subject:message-id:from; bh=dPYH9NKLMzespEA+4evCi3SRXJw67sSGr7KDhqRrr0o=; b=d5pNyeEuqWyJQ4IBiHTFTyo9R0QXR3TY5+SS8Q6A/8ZviojYiO1fNKC3Z5Wfz/F9amr2on9B1s9j5 JOC8VZetVLhNi+t/dGor7dt9dnApRuU+82U2Fw4V3x7lkcWBxCJUBhWOSVmjXcfjSpcaXEPMTjCIvO 3PtdOORzdIxJ0cff6goWlTPLEGaZh+nky85K/fn8S782FlCkHHtRG61DzHwSnkAI3AgX4Gi8neXTLI 4rTea5xXXyWp4j0n4IJiDOG2b5CyXH+B/YoNfBQLSxGpZKEI2c/TOv7gExjMckjOOB/7ou7lKOyppV 2+shtbmj0Yd+lOsFIKME8KDIiruB+sw== X-MHO-RoutePath: aGlwcGll X-MHO-User: 22a8f89e-fd79-11e8-a59a-7b143e15dabc X-Report-Abuse-To: https://support.duocircle.com/support/solutions/articles/5000540958-duocircle-standard-smtp-abuse-information X-Originating-IP: 67.177.211.60 X-Mail-Handler: DuoCircle Outbound SMTP Received: from ilsoft.org (unknown [67.177.211.60]) by outbound3.ore.mailhop.org (Halon) with ESMTPSA id 22a8f89e-fd79-11e8-a59a-7b143e15dabc; Tue, 11 Dec 2018 19:15:35 +0000 (UTC) Received: from rev (rev [172.22.42.240]) by ilsoft.org (8.15.2/8.15.2) with ESMTP id wBBJFt6R075667; Tue, 11 Dec 2018 12:15:55 -0700 (MST) (envelope-from ian@freebsd.org) Message-ID: <1544555755.44045.14.camel@freebsd.org> Subject: Re: Running Tor service in the jail environment From: Ian Lepore To: Hubert Hauser , freebsd-hackers@freebsd.org Date: Tue, 11 Dec 2018 12:15:55 -0700 In-Reply-To: References: <66526968-1446-c95e-629a-fb9e1b246111@mail.com> <1544543387.1860.347.camel@freebsd.org> <65a5540f-2f1c-0470-b650-cf9fd696ea7a@autisticstory.net> <1544555568.44045.12.camel@freebsd.org> Content-Type: text/plain; charset="ISO-8859-1" X-Mailer: Evolution 3.18.5.1 FreeBSD GNOME Team Port Mime-Version: 1.0 Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: 74EAA87507 X-Spamd-Bar: ---- Authentication-Results: mx1.freebsd.org X-Spamd-Result: default: False [-4.97 / 15.00]; NEURAL_HAM_SHORT(-0.97)[-0.972,0]; REPLY(-4.00)[] X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 11 Dec 2018 19:15:59 -0000 On Tue, 2018-12-11 at 20:13 +0100, Hubert Hauser wrote: > Hi there! > > > > > It sounds like a good idea but weren't a better solution use an > > open-hardware device acting as Tor router with installed OpenBSD or > > HardenedBSD? Why wouldn't you use for it jail environment? I want > > to > > place Tor in the jail environment because I want to prevent system > > being > > compromised in case compromising Tor service. > Ian, thank you for reply about disabling ntpd in jails but you > haven't > replied for above questions. > > Cheers, > Hubert. > I know nothing about tor, or hardendedbsd, or openbsd.  I answered the part I do know about. -- Ian