Date: Fri, 17 Mar 2006 12:47:45 -0800 From: Wes Santee <wes@bogon.net> To: FreeBSD-gnats-submit@FreeBSD.org Subject: ports/94621: security/tor-devel defaults data directory to non-persistent storage location Message-ID: <441B2071.1000800@bogon.net> Resent-Message-ID: <200603172050.k2HKoEaM039953@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 94621
>Category: ports
>Synopsis: security/tor-devel defaults data directory to non-persistent
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Fri Mar 17 20:50:14 GMT 2006
>Closed-Date:
>Last-Modified:
>Originator: Wes Santee
>Release: FreeBSD 6.0-STABLE i386
>Organization:
N/A
>Environment:
System: FreeBSD lister.wifi.bogon.net 6.0-STABLE FreeBSD 6.0-STABLE #3:
Tue Feb 21 15:35:34 PST 2006
root@lister.internal.bogon.net:/storage/usr/obj/usr/src/sys/LISTER i386
>Description:
The security/tor-devel port installs /usr/local/etc/rc.d/tor.sh.
This script handles the starting and stopping of the tor process
when tor_enabled="YES" is in /etc/rc.conf.
The script overrides the value of DataDirectory in the
/usr/local/etc/tor/torrc file by defining the variable
tor_datadir. The problem is that tor_datadir (in addition
to not being a documented variable in the comments of the
script) points to /var/run/tor.
Since /var/run is emptied during system startup (by way of
/etc/rc.d/cleanvar), the tor server's secret key is erased
each time the system is started. This causes an entirely
new server fingerprint to be created each time. This
fingerprint must stay the same for the server to be recognized
on the tor network.
>How-To-Repeat:
1) Install /security/tor-devel with default options
2) Configure as a server in /usr/local/etc/tor/torrc
(specify ORPort and DirPort).
3) Add "tor_enable=YES" to /etc/rc.conf and start tor
via /usr/local/etc/rc.d/tor.sh start.
4) Check fingerprint in /var/run/tor/fingerprint
5) Reboot system
6) When system comes up again, check fingerprint file.
It will probably have changed as a result of the
keyfile being deleted and regenerated.
>Fix:
1) Do not use a default of /var/run/tor for the data directory.
2) If the tor.sh startup script is going to override what
is in the torrc, document the variable in the script file.
>Release-Note:
>Audit-Trail:
>Unformatted:
storage location
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?441B2071.1000800>