Date: Wed, 12 Dec 2018 19:13:21 +0100 (CET) From: Oliver Fromme <oliver@fromme.com> To: freebsd-hackers@freebsd.org, atypical@autisticstory.net (Hubert Hauser) Subject: Re: Running Tor service in the jail environment Message-ID: <201812121813.wBCIDLHa047117@nox.thiemo.net> In-Reply-To: <65a5540f-2f1c-0470-b650-cf9fd696ea7a@autisticstory.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Hubert Hauser wrote: > It sounds like a good idea but weren't a better solution use an > open-hardware device acting as Tor router with installed OpenBSD > or HardenedBSD? Personally I trust FreeBSD more than the alternatives. But that's just me. ;-) > Why wouldn't you use for it jail environment? I want to place > Tor in the jail environment because I want to prevent system > being compromised in case compromising Tor service. I think it would be better to put the Tor service inside a virtual machine, for example VirtualBox or FreeBSD's own technology called bhyve. It has two advantages: First, the separation is somewhat "stricter" and more extensive than jails (for example, jails still share the same kernel, but VMs do not). Second, it is easier to create a setup suitable for networking with Tor. It might be possible with a jail, too, but I think that would be more difficult and error-prone. And you *do* want to avoid errors when you're going to set up a Tor service. Disclaimer: I've never set up a Tor service myself. Best regards Olli -- Oliver Fromme, München -- FreeBSD + DragonFly BSD ``We are all but compressed light'' - Albert Einstein
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201812121813.wBCIDLHa047117>