mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-14 07:03:44 +01:00
10 lines
506 B
Plaintext
10 lines
506 B
Plaintext
|
o Security Features:
|
||
|
- Provide controllers with a safer way to implement the cookie
|
||
|
authentication mechanism. With the old method, if another locally
|
||
|
running program could convince a controller that it was the Tor
|
||
|
process, then that program could trick the contoller into
|
||
|
telling it the contents of an arbitrary 32-byte file. The new
|
||
|
"SAFECOOKIE" authentication method uses a challenge-response
|
||
|
approach to prevent this. Fixes bug 5185, implements proposal 193.
|
||
|
|