2014-08-11 12:27:04 -07:00
|
|
|
o Major features (security)
|
2015-01-29 14:45:21 -05:00
|
|
|
- Implementation of an AF_UNIX socket option to implement a SOCKS
|
2014-08-11 12:27:04 -07:00
|
|
|
proxy reachable by Unix Domain Socket. This allows client applications to
|
|
|
|
|
communicate with Tor without having the ability to create AF_INET or
|
|
|
|
|
AF_INET6 family sockets. If an application has permission to create a socket
|
|
|
|
|
with AF_UNIX, it may directly communicate with Tor as if it were an other
|
|
|
|
|
SOCKS proxy. This should allow high risk applications to be entirely prevented
|
|
|
|
|
from connecting directly with TCP/IP, they will be able to only connect to the
|
2015-01-29 14:45:21 -05:00
|
|
|
internet through AF_UNIX and only through Tor.
|
|
|
|
|
To create a socket of this type, use the syntax "unix:/path/to/socket".
|
|
|
|
|
Closes ticket 12585.
|
|
|
|
|
|
