mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-10 13:13:44 +01:00
10 lines
506 B
Plaintext
10 lines
506 B
Plaintext
o Security Features:
|
|
- Provide controllers with a safer way to implement the cookie
|
|
authentication mechanism. With the old method, if another locally
|
|
running program could convince a controller that it was the Tor
|
|
process, then that program could trick the contoller into
|
|
telling it the contents of an arbitrary 32-byte file. The new
|
|
"SAFECOOKIE" authentication method uses a challenge-response
|
|
approach to prevent this. Fixes bug 5185, implements proposal 193.
|
|
|